Change kerberos handling

author cajus <cajus@594d385d-05f5-0310-b6e9-bd551577e9d8>

Fri, 17 Nov 2006 06:16:09 +0000 (06:16 +0000)

committer cajus <cajus@594d385d-05f5-0310-b6e9-bd551577e9d8>

Fri, 17 Nov 2006 06:16:09 +0000 (06:16 +0000)
author cajus <cajus@594d385d-05f5-0310-b6e9-bd551577e9d8>
Fri, 17 Nov 2006 06:16:09 +0000 (06:16 +0000)
committer cajus <cajus@594d385d-05f5-0310-b6e9-bd551577e9d8>
Fri, 17 Nov 2006 06:16:09 +0000 (06:16 +0000)
diff --git a/FAQ b/FAQ

index b1fe2285c170c7242525f94d9256f79e2180ce56..16dc268c908cf9142fbc3d0be3644b2cc3a82b26 100644 (file)
--- a/FAQ
+++ b/FAQ
@@ -338,3 +338,10 @@ Q: Is there a way to let GOsa automatically fill missing fields in the network
  A: Sure. You can specify the "autoconf" option and provide the contributed
     script "net-resolver.sh" in your gosa.conf. If this is configured, you're
     getting an additional button in each network dialog.
+
+
+Q: New implementations of OpenLDAP seem to require {sasl} instead of {kerberos}
+   in password hashes. GOsa writes the wrong string. What can I do?
+
+A: You can set "krbsasl" to "true" in your gosa.conf's main section.
+
diff --git a/include/class_config.inc b/include/class_config.inc

index 339eca51fa81568fbe32d504acbb43a1207faba1..0672d07044312f1ee3dcb92c3867944597b452f1 100644 (file)
--- a/include/class_config.inc
+++ b/include/class_config.inc
@@ -300,6 +300,17 @@ class config  {
        $this->current['PASSWORD']= $referral['PASSWORD'];
      }
  
+    /* Possibly load kerberos style */
+    if (isset($this->current['KRBSASL'])){
+      if (preg_match('/^(yes|true)$/i', $this->current['KRBSASL'])){
+        $this->current['KRBSASL']= "sasl";
+      } else {
+        $this->current['KRBSASL']= "kerberos";
+      }
+    } else {
+      $this->current['KRBSASL']= "kerberos";
+    }
+
      /* Load server informations */
      $this->load_servers();
    }
diff --git a/include/class_password-methods-kerberos.inc b/include/class_password-methods-kerberos.inc

index e66ebbba969bcaac9b6357ce52622b901ead0a53..03d935ac697b5260700fc9624ad1967af9fe080b 100644 (file)
--- a/include/class_password-methods-kerberos.inc
+++ b/include/class_password-methods-kerberos.inc
@@ -62,7 +62,7 @@ class passwordMethodkerberos extends passwordMethod
  
                         kadm5_destroy($handle);
  
-                       $newpass= "{kerberos}".$this->attrs['uid'][0]."@".$cfg['REALM'];
+                       $newpass= "{".$this->config->current['KRBSASL']."}".$this->attrs['uid'][0]."@".$cfg['REALM'];
  
                         return $newpass;       
                 }
author	cajus <cajus@594d385d-05f5-0310-b6e9-bd551577e9d8>
	Fri, 17 Nov 2006 06:16:09 +0000 (06:16 +0000)
committer	cajus <cajus@594d385d-05f5-0310-b6e9-bd551577e9d8>
	Fri, 17 Nov 2006 06:16:09 +0000 (06:16 +0000)
FAQ		patch \| blob \| history
include/class_config.inc		patch \| blob \| history
include/class_password-methods-kerberos.inc		patch \| blob \| history