char *host;
};
#ifdef KRB5_DNS_LOOKUP
+
+#define MAX_DNS_NAMELEN (15*(MAXHOSTNAMELEN + 1)+1)
+
krb5_error_code
krb5int_make_srv_query_realm(const krb5_data *realm,
const char *service,
* Returns TRUE if the kerberos principal is the name of a Kerberos ticket
* service.
*/
-krb5_boolean krb5_is_tgs_principal(krb5_const_principal principal)
+krb5_boolean
+krb5_is_tgs_principal(krb5_const_principal principal)
{
if ((krb5_princ_size(kdc_context, principal) > 0) &&
data_eq_string (*krb5_princ_component(kdc_context, principal, 0),
free(pa);
return retval;
}
+
+
+krb5_error_code
+krb5int_get_domain_realm_mapping(krb5_context context,
+ const char *host, char ***realmsp)
+{
+ char **retrealms;
+ char *realm, *cp, *temp_realm;
+ krb5_error_code retval;
+ char temp_host[MAX_DNS_NAMELEN+1];
+
+ /* do sanity check and lower-case */
+ retval = krb5int_clean_hostname(context, host, temp_host, sizeof temp_host);
+ if (retval)
+ return retval;
+ /*
+ Search for the best match for the host or domain.
+ Example: Given a host a.b.c.d, try to match on:
+ 1) a.b.c.d 2) .b.c.d. 3) b.c.d 4) .c.d 5) c.d 6) .d 7) d
+ */
+
+ cp = temp_host;
+ realm = (char *)NULL;
+ temp_realm = 0;
+ while (cp ) {
+ retval = profile_get_string(context->profile, KRB5_CONF_DOMAIN_REALM, cp,
+ 0, (char *)NULL, &temp_realm);
+ if (retval)
+ return retval;
+ if (temp_realm != (char *)NULL)
+ break; /* Match found */
+
+ /* Setup for another test */
+ if (*cp == '.') {
+ cp++;
+ } else {
+ cp = strchr(cp, '.');
+ }
+ }
+ if (temp_realm != (char*)NULL) {
+ realm = strdup(temp_realm);
+ profile_release_string(temp_realm);
+ if (!realm) {
+ return ENOMEM;
+ }
+ }
+ retrealms = (char **)calloc(2, sizeof(*retrealms));
+ if (!retrealms) {
+ if (realm != (char *)NULL)
+ free(realm);
+ return ENOMEM;
+ }
+
+ retrealms[0] = realm;
+ retrealms[1] = 0;
+
+ *realmsp = retrealms;
+ return 0;
+}
kdc_handle_protected_negotiation( krb5_data *req_pkt, krb5_kdc_req *request,
const krb5_keyblock *reply_key,
krb5_pa_data **out_enc_padata, int *idx);
-
+krb5_error_code
+krb5int_get_domain_realm_mapping(krb5_context context,
+ const char *host, char ***realmsp);
#define isflagset(flagfield, flag) (flagfield & (flag))
krb5int_accessor
krb5int_cc_default
krb5int_cleanup_library
+krb5int_clean_hostname
krb5int_cm_call_select
krb5int_copy_data_contents_add0
krb5int_find_authdata
krb5int_free_addrlist
krb5int_free_data_list
krb5int_get_authdata_containee_types
-krb5int_get_domain_realm_mapping
krb5int_init_context_kdc
krb5int_initialize_library
krb5int_pac_sign
#define MAXHOSTNAMELEN 64
#endif
-#define MAX_DNS_NAMELEN (15*(MAXHOSTNAMELEN + 1)+1)
-
#endif /* KRB5_DNS_LOOKUP */
/*
{
free (lrealm);
}
-
-krb5_error_code
-krb5int_get_domain_realm_mapping(krb5_context context, const char *host, char ***realmsp)
-{
- char **retrealms;
- char *realm, *cp, *temp_realm;
- krb5_error_code retval;
- char temp_host[MAX_DNS_NAMELEN+1];
-
- /* do sanity check and lower-case */
- retval = krb5int_clean_hostname(context, host, temp_host, sizeof temp_host);
- if (retval)
- return retval;
- /*
- Search for the best match for the host or domain.
- Example: Given a host a.b.c.d, try to match on:
- 1) a.b.c.d 2) .b.c.d. 3) b.c.d 4) .c.d 5) c.d 6) .d 7) d
- */
-
- cp = temp_host;
- realm = (char *)NULL;
- temp_realm = 0;
- while (cp ) {
- retval = profile_get_string(context->profile, KRB5_CONF_DOMAIN_REALM, cp,
- 0, (char *)NULL, &temp_realm);
- if (retval)
- return retval;
- if (temp_realm != (char *)NULL)
- break; /* Match found */
-
- /* Setup for another test */
- if (*cp == '.') {
- cp++;
- } else {
- cp = strchr(cp, '.');
- }
- }
- if (temp_realm != (char*)NULL) {
- realm = strdup(temp_realm);
- profile_release_string(temp_realm);
- if (!realm) {
- return ENOMEM;
- }
- }
- retrealms = (char **)calloc(2, sizeof(*retrealms));
- if (!retrealms) {
- if (realm != (char *)NULL)
- free(realm);
- return ENOMEM;
- }
-
- retrealms[0] = realm;
- retrealms[1] = 0;
-
- *realmsp = retrealms;
- return 0;
-}
projects / thirdparty / krb5.git / commitdiff
