-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 03/29/2011 03:48 AM, Jan Zelený wrote: > Jan Zelený <jzel...@redhat.com> wrote: >> I'm sending two patches solving selection of appropriate principal for >> GSSAPI authentication from keytab file. >> >> A part of the first patch is a fix of an error present in the >> documentation. I did that early in the development phase of the patch and >> I didn't want to tamper with the finished patch any more. Sorry for this >> inconsistency. >> >> Jan > > This is updated version without the code mixup. Also the documentation update > from my patch 007 has been sqashed to this one, so all related changes are in > one patch.
Nack. If the SDAP_SASL_AUTHID has been explicitly set, but the SDAP_SASL_REALM hasn't, why are you overriding SDAP_SASL_AUTHID with select_principal_from_keytab()? It would be nice to have an optional return value from select_principal_from_keytab() that was the complete string, so that in ldap_child_get_tgt_sync() we can just ask for that instead of the two final_* variables. (The _primary and _realm arguments should also be optional. It should be possible to pass NULL to them and not have the results talloc_strdup()ed into them) krb_ctx should be initialized to NULL (in case we ever put a 'goto done' before krb5_init_context()) As mentioned in other recent reviews, instead of parsing on @, please use krb5_unparse_name_flags() and krb5_principal_get_realm() to return the primary and realm components. And as mentioned above, it would be nice to be able to return principal_string directly if requested. In the documentation: s/canvenient/convenient "Priority of chosen principal is this:" should be "Priority of the chosen principal is as follows:" - -- Stephen Gallagher RHCE 804006346421761 Delivering value year after year. Red Hat ranks #1 in value among software vendors. http://www.redhat.com/promo/vendor/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAk2RzosACgkQeiVVYja6o6PKggCeLPggmUAGEn4BChHSS2A6JgJU oCAAn2Ch+Y07xDRfQ0JnWb0CSkQNPRAP =VHS9 -----END PGP SIGNATURE----- _______________________________________________ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/sssd-devel
