[SSSD] [PATCH] Warn if ad_server contains IP address

Justin Stephenson Wed, 24 Feb 2016 14:20:47 -0800

First patch, see attached.

This is for easy fix from ticket
https://fedorahosted.org/sssd/ticket/2789

I am going on the assumption that if the first 2 characters of ad_serverare digits then it is likely an IP address and not hostname. If you havea better idea for this please let me know.


Kind regards,
Justin Stephenson

>From 280f7af2e05304fe4eee8a1803abdb72aedad439 Mon Sep 17 00:00:00 2001
From: Justin Stephenson <[email protected]>
Date: Wed, 24 Feb 2016 16:48:39 -0500
Subject: [PATCH] Warn if ad_server is not a hostname due to GSSAPI problems

Resolves: https://fedorahosted.org/sssd/ticket/2789
---
 src/providers/ad/ad_common.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/src/providers/ad/ad_common.c b/src/providers/ad/ad_common.c
index 4f8223879a504d1e34b39f4166601c53fd6a73fe..c0e1161d89b727a664826b28c59239860a497299 100644
--- a/src/providers/ad/ad_common.c
+++ b/src/providers/ad/ad_common.c
@@ -378,6 +378,14 @@ ad_get_common_options(TALLOC_CTX *mem_ctx,
 
     /* Did we get an explicit server name, or are we discovering it? */
     server = dp_opt_get_string(opts->basic, AD_SERVER);
+
+    /* Provide warning if IP address is used instead of hostname */
+    if (isdigit(server[0]) || isdigit(server[1])) {
+        DEBUG(SSSDBG_CONF_SETTINGS,
+              "Warning: ad_server [%s] detected as IP address, "
+                     "this may cause GSSAPI problems!\n", server);
+    }
+
     if (!server) {
         DEBUG(SSSDBG_CONF_SETTINGS,
               "No AD server set, will use service discovery!\n");
-- 
2.4.3

_______________________________________________
sssd-devel mailing list
[email protected]
https://lists.fedorahosted.org/admin/lists/[email protected]

[SSSD] [PATCH] Warn if ad_server contains IP address

Reply via email to