Stephen Gallagher <sgallagh@redhat.com> wrote:
> If SDAP_SASL_AUTHID is specified, then ONLY this auth ID is allowable. If the keytab doesn't contain it, we need to fail.
> If SDAP_SASL_REALM is specified, then only the REALM portion is mandatory (if we have no entries for this realm in the keytab, we need to fail).
Yep, that's basically what I thought. In the new patch these conditions should be met.
> And for the code review:
> Nack. If the talloc_strdup() or talloc_asprintf() fails to create the return values in select_principal_from_keytab(), this should be an ENOMEM failure. We should not proceed with a value of NULL.
I suspected so. Corrected.
Thanks,
Jan
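The selection rules and the ENOMEM handling discussed in this thread, as an added example that is not the patch under review or SSSD's own code. It assumes keytab entries are plain `primary@REALM` strings, uses `malloc` in place of talloc, and the function name `select_principal`, its parameters and the sample keytab are hypothetical.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed sample keytab contents (not taken from the thread). */
static const char *const SAMPLE_KEYTAB[] = {
    "host/client.example.com@EXAMPLE.COM",
    "CLIENT$@AD.EXAMPLE.COM",
};

/* Hypothetical helper. authid and realm stand in for SDAP_SASL_AUTHID and
 * SDAP_SASL_REALM; NULL means the option is not set. Returns 0 and a newly
 * allocated principal, ENOENT if no entry satisfies the configured
 * constraints, or ENOMEM if the copy cannot be allocated. */
static int select_principal(const char *const *entries, size_t n,
                            const char *authid, const char *realm,
                            char **out_princ)
{
    *out_princ = NULL;
    for (size_t i = 0; i < n; i++) {
        const char *at = strrchr(entries[i], '@');
        if (at == NULL) continue;            /* malformed entry, skip it */
        size_t plen = (size_t)(at - entries[i]);

        /* A configured auth ID is the only acceptable primary. */
        if (authid != NULL && (strlen(authid) != plen ||
                               strncmp(entries[i], authid, plen) != 0))
            continue;
        /* A configured realm is mandatory for the chosen entry. */
        if (realm != NULL && strcmp(at + 1, realm) != 0)
            continue;

        size_t len = strlen(entries[i]) + 1;
        char *copy = malloc(len);
        if (copy == NULL) return ENOMEM;     /* never proceed with NULL */
        memcpy(copy, entries[i], len);
        *out_princ = copy;
        return 0;
    }
    return ENOENT;  /* fail instead of falling back to another principal */
}

int main(void)
{
    char *p = NULL;
    int ret = select_principal(SAMPLE_KEYTAB, 2, NULL, "AD.EXAMPLE.COM", &p);
    printf("ret=%d principal=%s\n", ret, p ? p : "(none)");
    free(p);
    return ret;
}
```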