Bug#709632: marked as done (gssd: Ignores a preferred_realm specified via the -R option)

["Debian Bug Tracking System" <owner@bugs.debian.org>]

Your message dated Thu, 9 Sep 2021 00:33:47 +1000
with message-id <YTjJywUbcXS522Eg@master.debian.org>
and subject line Re: gssd: Ignores a preferred_realm specified via the -R option
has caused the Debian Bug report #709632,
regarding gssd: Ignores a preferred_realm specified via the -R option
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
709632: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709632
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

• To: Debian Bug Tracking System <submit@bugs.debian.org>
• Subject: gssd: Ignore a preferred_realm specified via the -R option
• From: Maximilian Wilhelm <max@rfc2324.org>
• Date: Fri, 24 May 2013 16:56:52 +0200
• Message-id: <20130524145652.10418.68198.reportbug@maxhell.uni-paderborn.de>

Package: nfs-common
Version: 1:1.2.2-4squeeze2
Severity: normal
Tags: patch


gssd ignores a preferred_realm specified via the -R command line option.

The attached patch fixes this problem and has already been sent to linux-nfs upstream.

This problem affects all Debian suites.

Will there be a fix for Squeeze and Wheezy?

-- System Information:
Debian Release: 6.0.7
  APT prefers oldstable
  APT policy: (500, 'oldstable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-5-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages nfs-common depends on:
ii  adduser            3.112+nmu2            add and remove users and groups
ii  initscripts        2.88dsf-13.1+squeeze1 scripts for initializing and shutt
ii  libc6              2.11.3-4              Embedded GNU C Library: Shared lib
ii  libcap2            1:2.19-3              support for getting/setting POSIX.
ii  libcomerr2         1.41.12-4stable1      common error description library
ii  libevent-1.4-2     1.4.13-stable-1       An asynchronous event notification
ii  libgssapi-krb5-2   1.8.3+dfsg-4squeeze6  MIT Kerberos runtime libraries - k
ii  libgssglue1        0.1-4                 mechanism-switch gssapi library
ii  libk5crypto3       1.8.3+dfsg-4squeeze6  MIT Kerberos runtime libraries - C
ii  libkrb5-3          1.8.3+dfsg-4squeeze6  MIT Kerberos runtime libraries
ii  libnfsidmap2       0.23-2                An nfs idmapping library
ii  librpcsecgss3      0.19-2                allows secure rpc communication us
ii  libwrap0           7.6.q-19              Wietse Venema's TCP wrappers libra
ii  lsb-base           3.2-23.2squeeze1      Linux Standard Base 3.2 init scrip
ii  netbase            4.45                  Basic TCP/IP networking system
ii  portmap            6.0.0-2               RPC port mapper
ii  ucf                3.0025+nmu1           Update Configuration File: preserv

nfs-common recommends no packages.

nfs-common suggests no packages.

-- no debconf information

commit 722bd62d1e6a9d38db57e919d914a371e67d804d
Author: Maximilian Wilhelm <max@rfc2324.org>
Date:   Fri May 24 14:46:41 2013 +0200

    Fix handling of preferred realm command line option.
    
      The current implementation ignores any preferred realm specified on the
      command line. Fix this behaviour and make sure the preferred realm is
      used as first realm when trying to acquire a keytab entry.
    
    Signed-off-by: Maximilian Wilhelm <max@rfc2324.org>
    Signed-off-by: Frederik Moellers <frederik.moellers@upb.de>

diff --git a/utils/gssd/krb5_util.c b/utils/gssd/krb5_util.c
index 6275dd8..fb706a8 100644
--- a/utils/gssd/krb5_util.c
+++ b/utils/gssd/krb5_util.c
@@ -852,11 +852,18 @@ find_keytab_entry(krb5_context context, krb5_keytab kt, const char *tgtname,
 	}
 
 	/*
-	 * Try the "appropriate" realm first, and if nothing found for that
-	 * realm, try the default realm (if it hasn't already been tried).
+	 * Make sure the preferred_realm (which may have been explicitly set
+	 * on the command line, is tried first. If nothing is found go on with
+	 * the host and local default realm (if that hasn't already been tried).
 	 */
 	i = 0;
 	realm = realmnames[i];
+
+	if (strcmp (realm, preferred_realm) != 0) {
+		realm = preferred_realm;
+		i = -1;
+	}
+
 	while (1) {
 		if (realm == NULL) {
 			tried_all = 1;

--- End Message ---

--- Begin Message ---

• To: 709632-close@bugs.debian.org
• Subject: Re: gssd: Ignores a preferred_realm specified via the -R option
• From: Aníbal Monsalve Salazar <anibal@debian.org>
• Date: Thu, 9 Sep 2021 00:33:47 +1000
• Message-id: <YTjJywUbcXS522Eg@master.debian.org>
• In-reply-to: <20161216121432.GB1074@principal.rfc2324.org>
• References: <20161216121432.GB1074@principal.rfc2324.org>

On Fri, 2016-12-16 13:14:33 +0100, Maximilian Wilhelm wrote:
> Hi,
> 
> version v1.3.4-1 in unstable contains my upstream patch [0], so the
> problem is fixed in the unstable version.
> 
> Will there be a new version of this package for Jessie and maybe even
> Wheezy?
> 
> Best
> Max
> 
> [0] http://git.linux-nfs.org/?p=steved/nfs-utils.git;a=commit;h=a402f768db1dc6497cf7f592b33e142936897de2

Attachment: signature.asc
Description: PGP signature

--- End Message ---