realmd/SOURCES/0001-service-allow-multiple...

From 19923985b69ccd5f2a33a067bfc3ed020889377e Mon Sep 17 00:00:00 2001
From: Sumit Bose <sbose@redhat.com>
Date: Tue, 13 Jun 2023 18:02:52 +0200
Subject: [PATCH 1/3] service: allow multiple names and _srv_ ad_server option

realmd checks if the 'ad_server' option is set in sssd.conf before
calling adcli to remove the host from the AD server. If set the value is
used as value for dcli's '--domain-controller' option. But if multiple
names are set in sssd.conf this currently fails because the whole string
is used.

With this patch the 'ad_server' option is properly evaluated and only
the first domain controller name is used.
---
 service/realm-sssd-ad.c | 36 +++++++++++++++++++++++++++++++++++-
 1 file changed, 35 insertions(+), 1 deletion(-)

diff --git a/service/realm-sssd-ad.c b/service/realm-sssd-ad.c
index 2817e73..096b6c5 100644
--- a/service/realm-sssd-ad.c
+++ b/service/realm-sssd-ad.c
@@ -649,6 +649,40 @@ realm_sssd_ad_generic_finish (RealmKerberosMembership *realm,
 	return g_task_propagate_boolean (G_TASK (result), error);
 }
 
+static gchar *get_ad_server_from_config (RealmKerberos *realm)
+{
+	RealmSssd *sssd = REALM_SSSD (realm);
+	RealmIniConfig *config;
+	const gchar *section;
+	gchar **servers;
+	gchar *tmp;
+	size_t c;
+	gchar *value = NULL;
+
+	config = realm_sssd_get_config (sssd);
+	section = realm_sssd_get_config_section (sssd);
+
+	if (section == NULL) {
+		return NULL;
+	}
+
+	servers = realm_ini_config_get_list (config, section, "ad_server", ",");
+	/* Only use the first server defined given in 'ad_server' and ignore
+	 * '_srv_'. */
+	if (servers != NULL) {
+		for (c = 0; servers[c] != NULL; c++) {
+			tmp = g_strstrip (servers[c]);
+			if (strcasecmp ("_srv_", tmp) != 0) {
+				value = g_strdup (tmp);
+				break;
+			}
+		}
+		g_strfreev (servers);
+	}
+
+	return value;
+}
+
 static void
 realm_sssd_ad_discover_myself (RealmKerberos *realm,
                                RealmDisco *disco)
@@ -665,7 +699,7 @@ realm_sssd_ad_discover_myself (RealmKerberos *realm,
 	if (section == NULL)
 		return;
 
-	value = realm_ini_config_get (config, section, "ad_server");
+	value = get_ad_server_from_config (realm);
 	g_free (disco->explicit_server);
 	disco->explicit_server = value;
 
-- 
2.43.0
import realmd-0.17.1-2.el8 8 months ago			`From 19923985b69ccd5f2a33a067bfc3ed020889377e Mon Sep 17 00:00:00 2001`
			`From: Sumit Bose <sbose@redhat.com>`
			`Date: Tue, 13 Jun 2023 18:02:52 +0200`
			`Subject: [PATCH 1/3] service: allow multiple names and _srv_ ad_server option`

			`realmd checks if the 'ad_server' option is set in sssd.conf before`
			`calling adcli to remove the host from the AD server. If set the value is`
			`used as value for dcli's '--domain-controller' option. But if multiple`
			`names are set in sssd.conf this currently fails because the whole string`
			`is used.`

			`With this patch the 'ad_server' option is properly evaluated and only`
			`the first domain controller name is used.`
			`---`
			`service/realm-sssd-ad.c \| 36 +++++++++++++++++++++++++++++++++++-`
			`1 file changed, 35 insertions(+), 1 deletion(-)`

			`diff --git a/service/realm-sssd-ad.c b/service/realm-sssd-ad.c`
			`index 2817e73..096b6c5 100644`
			`--- a/service/realm-sssd-ad.c`
			`+++ b/service/realm-sssd-ad.c`
			`@@ -649,6 +649,40 @@ realm_sssd_ad_generic_finish (RealmKerberosMembership *realm,`
			`return g_task_propagate_boolean (G_TASK (result), error);`
			`}`

			`+static gchar get_ad_server_from_config (RealmKerberos realm)`
			`+{`
			`+ RealmSssd *sssd = REALM_SSSD (realm);`
			`+ RealmIniConfig *config;`
			`+ const gchar *section;`
			`+ gchar **servers;`
			`+ gchar *tmp;`
			`+ size_t c;`
			`+ gchar *value = NULL;`
			`+`
			`+ config = realm_sssd_get_config (sssd);`
			`+ section = realm_sssd_get_config_section (sssd);`
			`+`
			`+ if (section == NULL) {`
			`+ return NULL;`
			`+ }`
			`+`
			`+ servers = realm_ini_config_get_list (config, section, "ad_server", ",");`
			`+ /* Only use the first server defined given in 'ad_server' and ignore`
			`+ * '_srv_'. */`
			`+ if (servers != NULL) {`
			`+ for (c = 0; servers[c] != NULL; c++) {`
			`+ tmp = g_strstrip (servers[c]);`
			`+ if (strcasecmp ("_srv_", tmp) != 0) {`
			`+ value = g_strdup (tmp);`
			`+ break;`
			`+ }`
			`+ }`
			`+ g_strfreev (servers);`
			`+ }`
			`+`
			`+ return value;`
			`+}`
			`+`
			`static void`
			`realm_sssd_ad_discover_myself (RealmKerberos *realm,`
			`RealmDisco *disco)`
			`@@ -665,7 +699,7 @@ realm_sssd_ad_discover_myself (RealmKerberos *realm,`
			`if (section == NULL)`
			`return;`

			`- value = realm_ini_config_get (config, section, "ad_server");`
			`+ value = get_ad_server_from_config (realm);`
			`g_free (disco->explicit_server);`
			`disco->explicit_server = value;`

			`--`
			`2.43.0`