[Bug 120649] Re: hdb-ldap is broken in 0.7.2 when used with samba-ldap
** Changed in: heimdal (Debian) Status: Confirmed = Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/120649 Title: hdb-ldap is broken in 0.7.2 when used with samba-ldap To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/heimdal/+bug/120649/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 120649] Re: hdb-ldap is broken in 0.7.2 when used with samba-ldap
** Changed in: heimdal (Ubuntu) Status: Confirmed = Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/120649 Title: hdb-ldap is broken in 0.7.2 when used with samba-ldap -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 120649] Re: hdb-ldap is broken in 0.7.2 when used with samba-ldap
** Tags added: patch-accepted-debian -- hdb-ldap is broken in 0.7.2 when used with samba-ldap https://bugs.launchpad.net/bugs/120649 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 120649] Re: hdb-ldap is broken in 0.7.2 when used with samba-ldap
The proposed patch was not working for me. I suspect a small error in it. I propose the following correction that seems to work for me. Please not that it seems tha the solution proposed on the heimdal list is quite different. Cheers --- ./heimdal-0.7.2/lib/hdb/hdb-ldap.c 2005-04-18 10:03:54.0 +0200 +++ ./heimdal-0.7.2.dfsg.1/lib/hdb/hdb-ldap.c 2007-07-03 18:32:16.0 +0200 @@ -666,6 +666,7 @@ } if (ent-etypes) { + int add_krb5EncryptionType = 0; /* clobber and replace encryption types. */ if (!is_new_entry) { values = ldap_get_values(HDB2LDAP(db), msg, krb5EncryptionType); @@ -675,19 +676,25 @@ NULL); if (ret) goto out; + add_krb5EncryptionType = 1; } + } else if (is_heimdal_entry) { + add_krb5EncryptionType = 1; } - for (i = 0; i ent-etypes-len; i++) { - if (is_samba_account - ent-keys.val[i].key.keytype == ETYPE_ARCFOUR_HMAC_MD5) - { - ; - } else if (is_heimdal_entry) { - ret = LDAP_addmod_integer(context, mods, LDAP_MOD_ADD, - krb5EncryptionType, - ent-etypes-val[i]); - if (ret) - goto out; + + if (add_krb5EncryptionType) { + for (i = 0; i ent-etypes-len; i++) { + if (is_samba_account + ent-keys.val[i].key.keytype == ETYPE_ARCFOUR_HMAC_MD5) + { + ; + } else if (is_heimdal_entry) { + ret = LDAP_addmod_integer(context, mods, LDAP_MOD_ADD, + krb5EncryptionType, + ent-etypes-val[i]); + if (ret) + goto out; + } } } } -- hdb-ldap is broken in 0.7.2 when used with samba-ldap https://bugs.launchpad.net/bugs/120649 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 120649] Re: hdb-ldap is broken in 0.7.2 when used with samba-ldap
My proposed patch doesn't solve all. If there is no krb5EncryptionType attribute in the initial entry,none are added by changing password with passwd and so it works. if the attribute is present, it fails with (it seems) the following error : internal error in get_pa_etype_info2([EMAIL PROTECTED]): 1 != 6 -- hdb-ldap is broken in 0.7.2 when used with samba-ldap https://bugs.launchpad.net/bugs/120649 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 120649] Re: hdb-ldap is broken in 0.7.2 when used with samba-ldap
I'm not sure what you think your patch does that is different than mine (I claim no credit for writing it, I just took what was in upstream and applied it to 0.7.2). The only difference I am seeing is the one set of {} around the action taken as a result of the first else if (is_heimdal_entry)... the two syntaxes are functionally equiv. Is there something else I am missing? I suspect the issue you are encountering is actually somewhere else in the code, as the issue I was addressing just had to do with applying krb5EncryptionType when none should have been. It sounds like your issue is that the code isn't returning the correct information instead... --Matt P.S. What are you doing that is causing you to have krb5EncryptionType set on your keys? -- hdb-ldap is broken in 0.7.2 when used with samba-ldap https://bugs.launchpad.net/bugs/120649 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 120649] Re: hdb-ldap is broken in 0.7.2 when used with samba-ldap
** Changed in: heimdal (Debian) Status: Unknown = Confirmed -- hdb-ldap is broken in 0.7.2 when used with samba-ldap https://bugs.launchpad.net/bugs/120649 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 120649] Re: hdb-ldap is broken in 0.7.2 when used with samba-ldap
** Bug watch added: Debian Bug tracker #372685 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=372685 ** Also affects: heimdal (Debian) via http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=372685 Importance: Unknown Status: Unknown ** Changed in: heimdal (Ubuntu) Importance: Undecided = Medium Status: New = Confirmed -- hdb-ldap is broken in 0.7.2 when used with samba-ldap https://bugs.launchpad.net/bugs/120649 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 120649] Re: hdb-ldap is broken in 0.7.2 when used with samba-ldap
Looks like this is debian bug #372685, and unresolved there as welll -- hdb-ldap is broken in 0.7.2 when used with samba-ldap https://bugs.launchpad.net/bugs/120649 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 120649] Re: hdb-ldap is broken in 0.7.2 when used with samba-ldap
And here is the patch, as an attachment, if that helps. ** Attachment added: Fixes issues with hdb-ldap when krb5Principal is also a sambaSAMAccount http://launchpadlibrarian.net/8097853/hdb-ldap-enctypes-fix.dpatch -- hdb-ldap is broken in 0.7.2 when used with samba-ldap https://bugs.launchpad.net/bugs/120649 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs