From 19923985b69ccd5f2a33a067bfc3ed020889377e Mon Sep 17 00:00:00 2001
From: Sumit Bose <sbose@redhat.com>
Date: Tue, 13 Jun 2023 18:02:52 +0200
Subject: [PATCH 1/3] service: allow multiple names and _srv_ ad_server option

realmd checks if the 'ad_server' option is set in sssd.conf before
calling adcli to remove the host from the AD server. If set the value is
used as value for dcli's '--domain-controller' option. But if multiple
names are set in sssd.conf this currently fails because the whole string
is used.

With this patch the 'ad_server' option is properly evaluated and only
the first domain controller name is used.
---
 service/realm-sssd-ad.c | 36 +++++++++++++++++++++++++++++++++++-
 1 file changed, 35 insertions(+), 1 deletion(-)

diff --git a/service/realm-sssd-ad.c b/service/realm-sssd-ad.c
index 2817e73..096b6c5 100644
--- a/service/realm-sssd-ad.c
+++ b/service/realm-sssd-ad.c
@@ -649,6 +649,40 @@ realm_sssd_ad_generic_finish (RealmKerberosMembership *realm,
 	return g_task_propagate_boolean (G_TASK (result), error);
 }
 
+static gchar *get_ad_server_from_config (RealmKerberos *realm)
+{
+	RealmSssd *sssd = REALM_SSSD (realm);
+	RealmIniConfig *config;
+	const gchar *section;
+	gchar **servers;
+	gchar *tmp;
+	size_t c;
+	gchar *value = NULL;
+
+	config = realm_sssd_get_config (sssd);
+	section = realm_sssd_get_config_section (sssd);
+
+	if (section == NULL) {
+		return NULL;
+	}
+
+	servers = realm_ini_config_get_list (config, section, "ad_server", ",");
+	/* Only use the first server defined given in 'ad_server' and ignore
+	 * '_srv_'. */
+	if (servers != NULL) {
+		for (c = 0; servers[c] != NULL; c++) {
+			tmp = g_strstrip (servers[c]);
+			if (strcasecmp ("_srv_", tmp) != 0) {
+				value = g_strdup (tmp);
+				break;
+			}
+		}
+		g_strfreev (servers);
+	}
+
+	return value;
+}
+
 static void
 realm_sssd_ad_discover_myself (RealmKerberos *realm,
                                RealmDisco *disco)
@@ -665,7 +699,7 @@ realm_sssd_ad_discover_myself (RealmKerberos *realm,
 	if (section == NULL)
 		return;
 
-	value = realm_ini_config_get (config, section, "ad_server");
+	value = get_ad_server_from_config (realm);
 	g_free (disco->explicit_server);
 	disco->explicit_server = value;
 
-- 
2.43.0