ticket: new

subject: fix krb5_ldap_iterate to handle NULL match_expr and open_db_and_mkey to use KRB5_KDB_SRV_TYPE_ADMIN

When I ran kdb5_util dump I had two initial problems.  First, the LDAP
plugin was not finding the bind DN because open_db_and_mkey() was
passing KRB5_KDB_SRV_TYPE_OTHER to krb5_db_open().  When I change this
to KRB5_KDB_SRV_TYPE_ADMIN then the ldap_kadmind_dn parameter is used
from krb5.conf and a valid bind DN is found.  Second,
krb5_ldap_iterate() will core dump when it is called withy a NULL
match_expr arg.  This is how dump_db calls krb5_db_iterate().  I updated
krb5_ldap_iterate() to use a default_match_expr of "*" if match_expr ==
NULL.



git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18736 dc483132-0cff-0310-8789-dd5450dbe970

src/kadmin/dbutil/kdb5_util.c

@@ -378,7 +378,7 @@ static int open_db_and_mkey()
     valid_master_key = 0;
 
     if ((retval = krb5_db_open(util_context, db5util_db_args, 
-			       KRB5_KDB_OPEN_RW | KRB5_KDB_SRV_TYPE_OTHER))) {
+			       KRB5_KDB_OPEN_RW | KRB5_KDB_SRV_TYPE_ADMIN))) {
 	com_err(progname, retval, "while initializing database");
 	exit_status++;
 	return(1);

src/plugins/kdb/ldap/libkdb_ldap/ldap_principal.c

@@ -149,6 +149,7 @@ krb5_ldap_iterate(context, match_expr, func, func_arg)
     kdb5_dal_handle          *dal_handle=NULL;
     krb5_ldap_context        *ldap_context=NULL;
     krb5_ldap_server_handle  *ldap_server_handle=NULL;
+    char                     *default_match_expr = "*";
 
     /* Clear the global error string */
     krb5_clear_error_message(context);
@@ -166,6 +167,12 @@ krb5_ldap_iterate(context, match_expr, func, func_arg)
 	}
     }
 
+    /* 
+     * If no match_expr then iterate through all krb princs like the db2 plugin
+     */
+    if (match_expr == NULL)
+	match_expr = default_match_expr;
+
     filterlen = strlen(FILTER) + strlen(match_expr) + 2 + 1;  /* 2 for closing brackets */
     filter = malloc (filterlen);
     CHECK_NULL(filter);