2 * lib/krb5/os/an_to_ln.c
4 * Copyright 1990,1991 by the Massachusetts Institute of Technology.
7 * Export of this software from the United States of America may
8 * require a specific license from the United States Government.
9 * It is the responsibility of any person or organization contemplating
10 * export to obtain such a license before exporting.
12 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
13 * distribute this software and its documentation for any purpose and
14 * without fee is hereby granted, provided that the above copyright
15 * notice appear in all copies and that both that copyright notice and
16 * this permission notice appear in supporting documentation, and that
17 * the name of M.I.T. not be used in advertising or publicity pertaining
18 * to distribution of the software without specific, written prior
19 * permission. M.I.T. makes no representations about the suitability of
20 * this software for any purpose. It is provided "as is" without express
21 * or implied warranty.
24 * krb5_aname_to_localname()
30 #define min(a,b) ((a) > (b) ? (b) : (a))
33 int krb5_lname_username_fallback = 1;
34 extern char *krb5_lname_file;
38 static krb5_error_code dbm_an_to_ln();
39 static krb5_error_code username_an_to_ln();
42 Converts an authentication name to a local name suitable for use by
43 programs wishing a translation to an environment-specific name (e.g.
46 lnsize specifies the maximum length name that is to be filled into
48 The translation will be null terminated in all non-error returns.
50 returns system errors, NOT_ENOUGH_SPACE
54 krb5_aname_to_localname(context, aname, lnsize, lname)
56 krb5_const_principal aname;
62 if (!stat(krb5_lname_file,&statbuf))
63 return dbm_an_to_ln(context, aname, lnsize, lname);
64 if (krb5_lname_username_fallback)
65 return username_an_to_ln(context, aname, lnsize, lname);
66 return KRB5_LNAME_CANTOPEN;
70 * Implementation: This version uses a DBM database, indexed by aname,
71 * to generate a lname.
73 * The entries in the database are normal C strings, and include the trailing
74 * null in the DBM datum.size.
76 static krb5_error_code
77 dbm_an_to_ln(context, aname, lnsize, lname)
79 krb5_const_principal aname;
84 krb5_error_code retval;
88 if (retval = krb5_unparse_name(context, aname, &princ_name))
90 key.dptr = princ_name;
91 key.dsize = strlen(princ_name)+1; /* need to store the NULL for
94 db = dbm_open(krb5_lname_file, O_RDONLY, 0600);
96 krb5_xfree(princ_name);
97 return KRB5_LNAME_CANTOPEN;
100 contents = dbm_fetch(db, key);
102 krb5_xfree(princ_name);
104 if (contents.dptr == NULL) {
105 retval = KRB5_LNAME_NOTRANS;
107 strncpy(lname, contents.dptr, lnsize);
108 if (lnsize < contents.dsize)
109 retval = KRB5_CONFIG_NOTENUFSPACE;
110 else if (lname[contents.dsize-1] != '\0')
111 retval = KRB5_LNAME_BADFORMAT;
115 /* can't close until we copy the contents. */
116 (void) dbm_close(db);
122 * Implementation: This version checks the realm to see if it is the local
123 * realm; if so, and there is exactly one non-realm component to the name,
124 * that name is returned as the lname.
126 static krb5_error_code
127 username_an_to_ln(context, aname, lnsize, lname)
128 krb5_context context;
129 krb5_const_principal aname;
133 krb5_error_code retval;
137 realm_length = krb5_princ_realm(context, aname)->length;
139 if (retval = krb5_get_default_realm(context, &def_realm)) {
142 if (((size_t) realm_length != strlen(def_realm)) ||
143 (memcmp(def_realm, krb5_princ_realm(context, aname)->data, realm_length))) {
145 return KRB5_LNAME_NOTRANS;
148 if (krb5_princ_size(context, aname) != 1) {
149 if (krb5_princ_size(context, aname) == 2 ) {
150 /* Check to see if 2nd component is the local realm. */
151 if ( strncmp(krb5_princ_component(context, aname,1)->data,def_realm,
153 realm_length != krb5_princ_component(context, aname,1)->length)
154 return KRB5_LNAME_NOTRANS;
157 /* no components or more than one component to non-realm part of name
159 return KRB5_LNAME_NOTRANS;
163 strncpy(lname, krb5_princ_component(context, aname,0)->data,
164 min(krb5_princ_component(context, aname,0)->length,lnsize));
165 if (lnsize < krb5_princ_component(context, aname,0)->length ) {
166 retval = KRB5_CONFIG_NOTENUFSPACE;
168 lname[krb5_princ_component(context, aname,0)->length] = '\0';
177 krb5_aname_to_localname(context, aname, lnsize, lname)
178 krb5_context context;
179 krb5_const_principal aname;
183 if (krb5_lname_username_fallback)
184 return username_an_to_ln(context, aname, lnsize, lname);
185 return KRB5_LNAME_CANTOPEN;