From 05e6d39a988e76d5803f79018a9e40d435f6d2f7 Mon Sep 17 00:00:00 2001 From: NeilBrown Date: Tue, 2 Jul 2013 08:27:41 -0400 Subject: [PATCH] gssd: don't give up on machine credential if hostname not available. krb5_util tries various different credential names in order to find the machine credential, not all of them use the full host name of the current host. So if getting the full host name fails, don't give up completely, still try the other options. Signed-off-by: NeilBrown Signed-off-by: Steve Dickson --- utils/gssd/krb5_util.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/utils/gssd/krb5_util.c b/utils/gssd/krb5_util.c index abebdcd..a6c7eb0 100644 --- a/utils/gssd/krb5_util.c +++ b/utils/gssd/krb5_util.c @@ -825,8 +825,10 @@ find_keytab_entry(krb5_context context, krb5_keytab kt, const char *tgtname, myhostad[i+1] = 0; retval = get_full_hostname(myhostname, myhostname, sizeof(myhostname)); - if (retval) - goto out; + if (retval) { + /* Don't use myhostname */ + myhostname[0] = 0; + } code = krb5_get_default_realm(context, &default_realm); if (code) { @@ -891,6 +893,8 @@ find_keytab_entry(krb5_context context, krb5_keytab kt, const char *tgtname, myhostad, NULL); } else { + if (!myhostname[0]) + continue; snprintf(spn, sizeof(spn), "%s/%s@%s", svcnames[j], myhostname, realm); code = krb5_build_principal_ext(context, &princ, -- 1.8.3.1.487.g3e7a5b4