krb5_get_host_realm(krb5_context context, const char *host, char ***realmsp)
{
char **retrealms;
- char *default_realm, *realm, *cp, *temp_realm;
+ char *realm, *cp, *temp_realm;
krb5_error_code retval;
- int l;
char local_host[MAXDNAME+1];
printf("get_host_realm(host:%s) called\n",host);
- if (host) {
- /* Filter out numeric addresses if the caller utterly failed to
- convert them to names. */
- /* IPv4 - dotted quads only */
- if (strspn(host, "01234567890.") == strlen(host)) {
- /* All numbers and dots... if it's three dots, it's an
- IP address, and we reject it. But "12345" could be
- a local hostname, couldn't it? We'll just assume
- that a name with three dots is not meant to be an
- all-numeric hostname three all-numeric domains down
- from the current domain. */
- int ndots = 0;
- const char *p;
- for (p = host; *p; p++)
- if (*p == '.')
- ndots++;
- if (ndots == 3)
- return KRB5_ERR_NUMERIC_REALM;
- }
- if (strchr(host, ':'))
- /* IPv6 numeric address form? Bye bye. */
- return KRB5_ERR_NUMERIC_REALM;
-
- /* Should probably error out if strlen(host) > MAXDNAME. */
- strncpy(local_host, host, sizeof(local_host));
- local_host[sizeof(local_host) - 1] = '\0';
- } else {
- retval = krb5int_get_fq_local_hostname (local_host,
- sizeof (local_host));
- if (retval)
- return retval;
- }
-
- for (cp = local_host; *cp; cp++) {
- if (isupper((unsigned char) (*cp)))
- *cp = tolower((unsigned char) *cp);
- }
- l = strlen(local_host);
- /* strip off trailing dot */
- if (l && local_host[l-1] == '.')
- local_host[l-1] = 0;
+ krb5_clean_hostname(context, host, &local_host);
/*
Search for the best match for the host or domain.
cp = local_host;
printf(" local_host: %s\n",local_host);
- realm = default_realm = (char *)NULL;
+ realm = (char *)NULL;
temp_realm = 0;
while (cp) {
printf(" trying to look up %s in the domain_realm map\n",cp);
/* Setup for another test */
if (*cp == '.') {
cp++;
- if (default_realm == (char *)NULL) {
- /* If nothing else works, use the host's domain */
- default_realm = cp;
- }
} else {
cp = strchr(cp, '.');
}
krb5_error_code retval;
char local_host[MAXDNAME+1];
- printf("get_fallback_host_realm(host:%s) called\n",host);
+ printf("get_fallback_host_realm(host >%s<) called\n",host);
+
+ krb5_clean_hostname(context, host, &local_host);
+
+ /* Scan hostname for DNS realm, and save as last-ditch realm
+ assumption. */
+ cp = local_host;
+ printf(" local_host: %s\n",local_host);
+ realm = default_realm = (char *)NULL;
+ temp_realm = 0;
+ while (cp && !default_realm) {
+ if (*cp == '.') {
+ cp++;
+ if (default_realm == (char *)NULL) {
+ /* If nothing else works, use the host's domain */
+ default_realm = cp;
+ }
+ } else {
+ cp = strchr(cp, '.');
+ }
+ }
+ printf(" done finding DNS-based default realm: >%s<\n",default_realm);
+
#ifdef KRB5_DNS_LOOKUP
if (realm == (char *)NULL) {
}
}
#endif /* KRB5_DNS_LOOKUP */
+
+
if (realm == (char *)NULL) {
if (default_realm != (char *)NULL) {
/* We are defaulting to the realm of the host */
*realmsp = retrealms;
return 0;
}
+
+/*
+ * Common code for krb5_get_host_realm and krb5_get_fallback_host_realm
+ * to do basic sanity checks on supplied hostname.
+ */
+krb5_error_code KRB5_CALLCONV
+krb5_clean_hostname(krb5_context context, const char *host, char **local_hostp)
+{
+ char **retrealms;
+ char *realm, *cp, *temp_realm, *local_host;
+ krb5_error_code retval;
+ int l;
+
+ local_host=*local_hostp;
+
+ printf("krb5_clean_hostname called: host<%s>, local_host<%s>\n",host,local_host);
+ if (host) {
+ /* Filter out numeric addresses if the caller utterly failed to
+ convert them to names. */
+ /* IPv4 - dotted quads only */
+ if (strspn(host, "01234567890.") == strlen(host)) {
+ /* All numbers and dots... if it's three dots, it's an
+ IP address, and we reject it. But "12345" could be
+ a local hostname, couldn't it? We'll just assume
+ that a name with three dots is not meant to be an
+ all-numeric hostname three all-numeric domains down
+ from the current domain. */
+ int ndots = 0;
+ const char *p;
+ for (p = host; *p; p++)
+ if (*p == '.')
+ ndots++;
+ if (ndots == 3)
+ return KRB5_ERR_NUMERIC_REALM;
+ }
+ if (strchr(host, ':'))
+ /* IPv6 numeric address form? Bye bye. */
+ return KRB5_ERR_NUMERIC_REALM;
+
+ /* Should probably error out if strlen(host) > MAXDNAME. */
+ strncpy(local_host, host, sizeof(local_host));
+ local_host[sizeof(local_host) - 1] = '\0';
+ } else {
+ retval = krb5int_get_fq_local_hostname (local_host,
+ sizeof (local_host));
+ if (retval)
+ return retval;
+ }
+
+ /* fold to lowercase */
+ for (cp = local_host; *cp; cp++) {
+ if (isupper((unsigned char) (*cp)))
+ *cp = tolower((unsigned char) *cp);
+ }
+ l = strlen(local_host);
+ /* strip off trailing dot */
+ if (l && local_host[l-1] == '.')
+ local_host[l-1] = 0;
+
+ printf("krb5_clean_hostname ending: host<%s>, local_host<%s>\n",host,local_host);
+ return 0;
+}
projects / thirdparty / krb5.git / commitdiff
