From f98ba772f9453f39b8b7c02f896dd3725d1c7d8b Mon Sep 17 00:00:00 2001
From: Bill MacAllister <whm@dropbox.com>
Date: Fri, 6 May 2016 19:40:17 +0000
Subject: Correction to AD handling of long service keytab IDs

The account name for a service keytab cannot exceed 20 characters.
The routine that was generating a unique id incorrectly attempted to
perform an LDAP query.  This change fixes that problem.
---
 perl/lib/Wallet/Kadmin/AD.pm | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'perl')

diff --git a/perl/lib/Wallet/Kadmin/AD.pm b/perl/lib/Wallet/Kadmin/AD.pm
index 83912dd..2d93b32 100644
--- a/perl/lib/Wallet/Kadmin/AD.pm
+++ b/perl/lib/Wallet/Kadmin/AD.pm
@@ -280,8 +280,8 @@ sub get_service_id {
             my $this_prefix = substr($this_cn, 0, 20-$suffix_size);
             my $this_format = "%0${suffix_size}i";
             while ($cnt<$loop_limit) {
-                my $this_cn = $this_prefix . sprintf($this_format, $cnt);
-                $this_dn = ldap_get_dn($this_base, "cn=$this_cn");
+                $this_cn = $this_prefix . sprintf($this_format, $cnt);
+                $this_dn = $self->ldap_get_dn($this_base, "cn=$this_cn");
                 if (!$this_dn) {
                     $this_id = $this_cn;
                     last;
-- 
cgit v1.2.3