+Sat Apr 22 00:11:12 1995 Theodore Y. Ts'o (tytso@dcl)
+
+ * Makefile.in, configure.in, t_std_conf.c: Add test program to
+ test the standard configuration krb5 routines.
+
+ * osconfig.c: Don't define krb5_kdc_udp_portname and
+ krb5_kdc_sec_portname any more. There's no real point...
+
+ * hst_realm.c (krb5_get_krbhst): Strip off the trailing dot from
+ the hostname if present.
+
+ * locate_kdc.c (krb5_locate_kdc): Use the profile code to get the
+ list of Kerberos servers (plus port numbers) for a
+ particular realm from [realms]/<realm>/kdc
+
Fri Apr 21 11:38:45 1995 Theodore Y. Ts'o <tytso@lurch.mit.edu>
* def_realm.c (krb5_get_default_realm): Use the profile code to
get the default realm from [libdefaults]/default_realm.
* get_krbhst.c (krb5_get_krbhst): Use the profile code to get the
- list of Kerberos servers for a particualar realm from
+ list of Kerberos servers for a particular realm from
[realms]/<realm>/kdc
- * realm_dom.c (krb5_get_realm_domain): Use the profile code to
+ * realm_dom.c (krb5_get_realm_domain): Use the profile code to
get the default domain postfix for a realm (used only to
convert V4 -> V5 principals) from
[realms]/<realm>/default_domain
[domain_realm]/<host|domain>
* init_os_ctx.c (krb5_os_init_context): When the OS context is
- initialized, also initialize the profile file. This loads
+ initialized, also initialize the profile file. This loads
in the /etc/krb5.conf file.
-Wed Apr 19 13:50:19 1995 Ezra Peisach (epeisach@kangaroo.mit.edu)
+Wed Apr 19 13:50:19 1995 Ezra Peisach (epeisach@kangaroo.mit.edu)
* def_realm.c: (krb5_get_default_realm) - remove global default realm.
Moved into the context. (krb5_set_default_realm) added.
Fri Apr 14 22:15:00 1995 Theodore Y. Ts'o <tytso@lurch.mit.edu>
* an_to_ln.c (dbm_an_to_ln): Don't compile dbm_an_to_ln() if
- USE_DBM_LNAME isn't defined.
+ USE_DBM_LNAME isn't defined.
Fri Apr 14 15:15:48 1995 <tytso@rsx-11.mit.edu>
Thu Apr 13 15:49:16 1995 Keith Vetter (keithv@fusion.com)
* *.[ch]: removed unneeded INTERFACE from non-api functions.
- * read_pwd.c: __STDC__ conditional also checks the _WINDOWS define.
+ * read_pwd.c: __STDC__ conditional also checks the _WINDOWS define.
Fri Apr 7 15:32:04 1995 Keith Vetter (keithv@fusion.com)
* ccdefname.c:
- changed windows stored filename syntax--dropped the 'FILE:' part.
- changed buffer from malloc to static since we don't want it
- ever to fail, and nobody checks it for errors.
+ changed windows stored filename syntax--dropped the 'FILE:' part.
+ changed buffer from malloc to static since we don't want it
+ ever to fail, and nobody checks it for errors.
Wed Apr 5 16:32:07 1995 Keith Vetter (keithv@fusion.com)
* get_krbh.c: better error handling--old return values were
- being overwritten.
- * locate_kdc.c: added new error code KRB5_REALM_CANT_RESOLVE for
- when we have realm names but can't find their addresses.
- Also, fixed up indenting of an if clause.
- * sendto_kdc.c: added winsock init/destroy calls because some
- PC tcp/ip stacks seem to need it.
+ being overwritten.
+ * locate_kdc.c: added new error code KRB5_REALM_CANT_RESOLVE for
+ when we have realm names but can't find their addresses.
+ Also, fixed up indenting of an if clause.
+ * sendto_kdc.c: added winsock init/destroy calls because some
+ PC tcp/ip stacks seem to need it.
Fri Mar 31 16:30:03 1995 Theodore Y. Ts'o (tytso@dcl)
Thu Mar 30 15:54:54 1995 Keith Vetter (keithv@fusion.com)
* localaddr.c: in Windows/Mac code, fixed bug due to wrong level
- of indirection on memcpy call.
+ of indirection on memcpy call.
Tue Mar 28 19:22:28 1995 Keith Vetter (keithv@fusion.com)
- For Windows, added calls to get the default config, realms and
- ccache files out of a windows ini file.
- * ccdefname.c: does this for the credential cache.
- * osconfig.c: does this for the config and realms files.
+ For Windows, added calls to get the default config, realms and
+ ccache files out of a windows ini file.
+ * ccdefname.c: does this for the credential cache.
+ * osconfig.c: does this for the config and realms files.
* get_krbh.c, realm_do.c, hst_real.c, def_real.c: added calls to
- set the default values.
+ set the default values.
-Tue Mar 28 18:35:20 1995 John Gilmore (gnu at toad.com)
+Tue Mar 28 18:35:20 1995 John Gilmore (gnu at toad.com)
* DNR.c: Add Apple MacTCP source file for domain name resolution.
* macsock.c: Add fake socket support routines for MacTCP.
* Makefile.in (OBJS, SRCS): Add DNR and macsock.
- * ccdefname.c: On Mac, default cred cache is "STDIO:krb5cc" for now.
+ * ccdefname.c: On Mac, default cred cache is "STDIO:krb5cc" for now.
FIXME, this needs to find the Preferences folder and use that.
FIXME, shouldn't be conditioned on HAVE_MACSOCK_H.
- * gmt_mktime.c: Use HAVE_SYS_TYPES_H.
- * krbfileio.c: Remove <sys/types.h>.
+ * gmt_mktime.c: Use HAVE_SYS_TYPES_H.
+ * krbfileio.c: Remove <sys/types.h>.
* localaddr.c, sendto_kdc.c: Convert to more generic socket
support. Use closesocket instead of close, SOCKET_ERRNO rather
than errno, SOCKET rather than int, etc.
- * localaddr.c: Use getmyipaddr() from macsock.c, if on Mac.
+ * localaddr.c: Use getmyipaddr() from macsock.c, if on Mac.
Add FIXME for multiple local addresses.
- * lock_file.c: Provide a dummy version for MacOS.
+ * lock_file.c: Provide a dummy version for MacOS.
* read_pwd.c (ECHO_PASSWORD): Add #ifdef's to avoid all the ioctls
- and other stuff that turn off echoing. This is useful for debugging
+ and other stuff that turn off echoing. This is useful for debugging
on MacOS. FIXME: ECHO_PASSWORD needs to be added to configure.in.
* ustime.c: Bring in Mac-specific time-and-timezone code. It
probably isn't hooked up correctly, yet.
-Mon Mar 27 14:16:39 1995 John Gilmore (gnu at toad.com)
+Mon Mar 27 14:16:39 1995 John Gilmore (gnu at toad.com)
* full_ipadr.c, gen_rname.c, port2ip.c, read_msg.c, write_msg.c:
Remove explicit includes of socket files.
- * locate_kdc.c: Remove <sys/types.h> and "os-proto.h".
+ * locate_kdc.c: Remove <sys/types.h> and "os-proto.h".
* macsock.c (connect, send, recv): Add for K5 compatability.
- (getmyipaddr): Add for use in K5.
+ (getmyipaddr): Add for use in K5.
* macsock.c: Add Mac socket support file, verbatim from K4 release.
Thu Mar 23 23:11:36 1995 Theodore Y. Ts'o <tytso@dcl>
* realm_dom.c (krb5_get_realm_domain): Don't indent preprocessor
- directives. (Not portable).
+ directives. (Not portable).
* hst_realm.c (krb5_get_host_realm): Don't indent preprocessor
directives. Removed excess close paren introduced by
Wed Mar 22 18:59:47 1995 Keith Vetter (keithv@fusion.com)
- * hst_realm.c, realm_dom.c: windows DLL can't use fscanf so had
- to write a couple of routines to read what we need from the file.
+ * hst_realm.c, realm_dom.c: windows DLL can't use fscanf so had
+ to write a couple of routines to read what we need from the file.
Wed Mar 22 13:30:35 1995 Keith Vetter (keithv@fusion.com)
* an_to_ln.c, kuserok.c: last two os routines ported to the PC.
-Fri Mar 17 19:56:39 1995 John Gilmore (gnu at toad.com)
+Fri Mar 17 19:56:39 1995 John Gilmore (gnu at toad.com)
* Makefile.in (LDFLAGS): Eliminate, duplicates config/pre.in.
- * localaddr.c: Remove socket include files now handled in k5-int.h.
+ * localaddr.c: Remove socket include files now handled in k5-int.h.
Wed Mar 15 12:19:47 1995 Keith Vetter (keithv@fusion.com)
* sendto_kdc.c: made to work on the PC.
-Tue Mar 7 22:15:00 1995 Keith Vetter <keithv@fusion.com>
+Tue Mar 7 22:15:00 1995 Keith Vetter <keithv@fusion.com>
* sendto_kdc.c: stubbed on the PC for now.
-Tue Mar 7 19:54:17 1995 Mark Eichin <eichin@cygnus.com>
+Tue Mar 7 19:54:17 1995 Mark Eichin <eichin@cygnus.com>
* configure.in: take out ISODE_DEFS, ISODE_INCLUDE.
Tue Mar 7 13:35:21 1995 Keith Vetter (keithv@fusion.com)
* *.c: ported all the c files except an_to_ln, kuserok, and
- sendto_kdc which have windows stubs.
- * Makefile.in: reflects above changes.
+ sendto_kdc which have windows stubs.
+ * Makefile.in: reflects above changes.
Wed Mar 1 17:30:00 1995 Keith Vetter (keithv@fusion.com)
code changes. For now it's just added to the end of the file. Later,
we have to decide on a solution for all.
-Tue Feb 28 01:07:37 1995 John Gilmore (gnu at toad.com)
+Tue Feb 28 01:07:37 1995 John Gilmore (gnu at toad.com)
- * *.c: Avoid <krb5/...> includes.
+ * *.c: Avoid <krb5/...> includes.
-Fri Feb 3 08:24:18 1995 Theodore Y. Ts'o (tytso@dcl)
+Fri Feb 3 08:24:18 1995 Theodore Y. Ts'o (tytso@dcl)
* gmt_mktime.c (gmt_mktime): Don't double count the leap day in a
leap year.
-Sun Jan 22 18:23:37 1995 John Gilmore (gnu@cygnus.com)
+Sun Jan 22 18:23:37 1995 John Gilmore (gnu@cygnus.com)
* get_krbhst.c (krb5_get_krbhst): Declare realm argument const,
to match prototype.
* sendto_kdc.c (krb5_sendto_kdc): Fix use of connected sockets;
previously krb5_sendto_kdc only used one socket per
- address family. This doesn't work; it now uses one
+ address family. This doesn't work; it now uses one
socket per address. (krb5-bugs #938)
Fri Jan 13 15:23:47 1995 Chris Provenzano (proven@mit.edu)
* Actually move the file init_ctx.c to init_os_ctx.c in the CVS
- repository and also rename the routine krb5_free_os_context()
+ repository and also rename the routine krb5_free_os_context()
to krb5_os_free_context().
Fri Jan 13 15:23:47 1995 Chris Provenzano (proven@mit.edu)
Mon Dec 19 15:20:35 1994 Theodore Y. Ts'o (tytso@dcl)
- * init_ctx.c: New file. Initializes and frees the krb5_os_context
+ * init_ctx.c: New file. Initializes and frees the krb5_os_context
structure.
* realm_dom.c (krb5_get_realm_domain): Fixed minor bug where the
* configure.in: Add ISODE_DEFS
-Fri Oct 7 13:23:18 1994 Theodore Y. Ts'o (tytso@dcl)
+Fri Oct 7 13:23:18 1994 Theodore Y. Ts'o (tytso@dcl)
* configure.in: Add test for unistd.h
* configure.in: Put in correct dependency order of configure.in
lines.
-Wed Jul 6 13:26:59 1994 Mark Eichin (eichin@cygnus.com)
+Wed Jul 6 13:26:59 1994 Mark Eichin (eichin@cygnus.com)
* gmt_mktime.c (gmt_mktime): New file, new function. Similar to
POSIX mktime, but always works in GMT.
all:: $(OBJS)
+COMERRLIB=$(BUILDTOP)/util/et/libcom_err.a
+
+TEST_PROGS= t_std_conf
+
+T_STD_CONF_OBJS= t_std_conf.o def_realm.o get_krbhst.o realm_dom.o \
+ hst_realm.o init_os_ctx.o locate_kdc.o $(COMERRLIB) \
+ $(TOPLIBD)/libkrb5.a $(TOPLIBD)/libcrypto.a
+
+t_std_conf: $(T_STD_CONF_OBJS)
+ $(CC) -o t_std_conf $(T_STD_CONF_OBJS) $(LIBS)
+
+check:: check-$(WHAT)
+
+check-unix:: $(TEST_PROGS)
+ KRB5_CONFIG=$(srcdir)/td_krb5.conf ; export KRB5_CONFIG ;\
+ ./t_std_conf -d -s NEW.DEFAULT.REALM -d \
+ -k IGGY.ORG -k DEFAULT_REALM.TST \
+ -D DEFAULT_REALM.TST -r bad.idea -r itar.bad.idea \
+ -r really.BAD.IDEA. -r clipper.bad.idea -r KeYEsCrOW.BaD.IDea \
+ -r pgp.good.idea > test.out
+ cmp test.out $(srcdir)/ref_std_conf.out
+ $(RM) test.out
+
+clean::
+ $(RM) $(TEST_PROGS) test.out
WITH_CCOPTS
CONFIG_RULES
AC_SET_BUILDTOP
+WITH_NETLIB
dnl time checks are for timeofday.c (which gets them from osconf.h)
dnl and gmt_mktime.c (which only gets them from here...)
AC_TIME_WITH_SYS_TIME
cp = strchr(*cpp, '\t');
if (cp)
*cp = 0;
- cp = strchr(*cpp, ',');
+ cp = strchr(*cpp, ':');
if (cp)
*cp = 0;
}
char **retrealms;
char *domain, *default_realm, *realm, *cp;
krb5_error_code retval;
+ int l;
char local_host[MAXHOSTNAMELEN+1];
if (host)
if (isupper(*cp))
*cp = tolower(*cp);
}
+ l = strlen(local_host);
+ /* strip off trailing dot */
+ if (l && local_host[l-1] == '.')
+ local_host[l-1] = 0;
domain = strchr(local_host, '.');
/* prepare default */
}
}
- retval = profile_get_string(context->profile, "domain_realm", local_host,
+ retval = profile_get_string(context->profile, "domain_realm", domain,
0, default_realm, &realm);
free(default_realm);
if (retval)
return retval;
default_realm = realm;
- retval = profile_get_string(context->profile, "domain_realm", domain,
+ retval = profile_get_string(context->profile, "domain_realm", local_host,
0, default_realm, &realm);
free(default_realm);
if (retval)
#include "k5-int.h"
#include <stdio.h>
-#ifdef KRB5_USE_INET
-extern char *krb5_kdc_udp_portname;
-extern char *krb5_kdc_sec_udp_portname;
-#endif
-
/*
* returns count of number of addresses found
*/
struct sockaddr **addr_pp;
int *naddrs;
{
- char **hostlist;
+ const char *realm_kdc_names[4];
+ char **hostlist, *host, *port, *cp;
krb5_error_code code;
int i, j, out, count;
struct sockaddr *addr_p;
hostlist = 0;
- if (code = krb5_get_krbhst (context, realm, &hostlist))
- return(code);
+ realm_kdc_names[0] = "realms";
+ realm_kdc_names[1] = realm->data;
+ realm_kdc_names[2] = "kdc";
+ realm_kdc_names[3] = 0;
+
+ code = profile_get_values(context->profile, realm_kdc_names, &hostlist);
+ if (code == PROF_NO_SECTION)
+ return KRB5_REALM_UNKNOWN;
+ if (code == PROF_NO_RELATION)
+ return KRB5_CONFIG_BADFORMAT;
+ if (code)
+ return code;
#ifdef KRB5_USE_INET
- if (sp = getservbyname(krb5_kdc_udp_portname, "udp"))
+ if (sp = getservbyname(KDC_PORTNAME, "udp"))
udpport = sp->s_port;
- if (krb5_kdc_sec_udp_portname)
- if (sp = getservbyname(krb5_kdc_sec_udp_portname, "udp")) {
-#ifdef KRB5_TRY_SECONDARY_PORT_FIRST
- sec_udpport = udpport;
- udpport = sp->s_port;
-#else
- sec_udpport = sp->s_port;
-#endif
- }
+ if (sp = getservbyname(KDC_SECONDARY_PORTNAME, "udp"))
+ sec_udpport = sp->s_port;
#endif
+ if (sec_udpport == udpport)
+ sec_udpport = 0;
count = 0;
while (hostlist[count])
addr_p = (struct sockaddr *)malloc (sizeof (struct sockaddr) * count);
for (i=0, out=0; hostlist[i]; i++) {
+ host = hostlist[i];
+ /*
+ * Strip off excess whitespace
+ */
+ cp = strchr(host, ' ');
+ if (cp)
+ *cp = 0;
+ cp = strchr(host, '\t');
+ if (cp)
+ *cp = 0;
+ port = strchr(host, ':');
+ if (port) {
+ *port = 0;
+ port++;
+ }
hp = gethostbyname(hostlist[i]);
if (hp != 0) {
switch (hp->h_addrtype) {
#ifdef KRB5_USE_INET
case AF_INET:
- if (udpport) { /* must have gotten a port # */
- for (j=0; hp->h_addr_list[j]; j++) {
- sin_p = (struct sockaddr_in *) &addr_p[out++];
- memset ((char *)sin_p, 0, sizeof(struct sockaddr));
- sin_p->sin_family = hp->h_addrtype;
- sin_p->sin_port = udpport;
- memcpy((char *)&sin_p->sin_addr,
- (char *)hp->h_addr_list[j],
- sizeof(struct in_addr));
- if (out >= count) {
- count *= 2;
- addr_p = (struct sockaddr *)
- realloc ((char *)addr_p,
- sizeof(struct sockaddr) * count);
- }
- if (sec_udpport) {
- addr_p[out] = addr_p[out-1];
- sin_p = (struct sockaddr_in *) &addr_p[out++];
- sin_p->sin_port = sec_udpport;
- if (out >= count) {
- count *= 2;
- addr_p = (struct sockaddr *)
- realloc ((char *)addr_p,
- sizeof(struct sockaddr) * count);
- }
- }
+ for (j=0; hp->h_addr_list[j]; j++) {
+ sin_p = (struct sockaddr_in *) &addr_p[out++];
+ memset ((char *)sin_p, 0, sizeof(struct sockaddr));
+ sin_p->sin_family = hp->h_addrtype;
+ sin_p->sin_port = port ? htons(atoi(port)) : udpport;
+ memcpy((char *)&sin_p->sin_addr,
+ (char *)hp->h_addr_list[j],
+ sizeof(struct in_addr));
+ if (out+1 >= count) {
+ count += 5;
+ addr_p = (struct sockaddr *)
+ realloc ((char *)addr_p,
+ sizeof(struct sockaddr) * count);
+ }
+ if (sec_udpport && !port) {
+ addr_p[out] = addr_p[out-1];
+ sin_p = (struct sockaddr_in *) &addr_p[out++];
+ sin_p->sin_port = sec_udpport;
}
- }
+ }
break;
#endif
default:
int krb5_skdc_timeout_shift = SKDC_TIMEOUT_SHIFT;
int krb5_skdc_timeout_1 = SKDC_TIMEOUT_1;
-#ifdef KRB5_USE_INET
-char *krb5_kdc_udp_portname = KDC_PORTNAME;
-#ifdef KDC_SECONDARY_PORTNAME
-char *krb5_kdc_sec_udp_portname = KDC_SECONDARY_PORTNAME;
-#else
-char *krb5_kdc_sec_udp_portname = 0;
-#endif
-#endif
-
char *krb5_default_pwd_prompt1 = DEFAULT_PWD_STRING1;
char *krb5_default_pwd_prompt2 = DEFAULT_PWD_STRING2;
--- /dev/null
+krb5_get_default_realm() returned 'DEFAULT.REALM.TST'
+krb5_set_default_realm(NEW.DEFAULT.REALM)
+krb5_get_default_realm() returned 'NEW.DEFAULT.REALM'
+krb_get_krbhst(IGGY.ORG) returned: 'KERBEROS.IGGY.ORG' 'KERBEROS-B.IGGY.ORG'
+krb_get_krbhst(DEFAULT_REALM.TST) returned: 'FIRST.KDC.HOST' 'SECOND.KDC.HOST'
+krb5_get_realm_domain(DEFAULT_REALM.TST) returned 'MIT.EDU'
+krb_get_host_realm(bad.idea) returned: 'US.GOV'
+krb_get_host_realm(itar.bad.idea) returned: 'NSA.GOV'
+krb_get_host_realm(really.BAD.IDEA.) returned: 'NSA.GOV'
+krb_get_host_realm(clipper.bad.idea) returned: 'NIST.GOV'
+krb_get_host_realm(KeYEsCrOW.BaD.IDea) returned: 'NSA.GOV'
+krb_get_host_realm(pgp.good.idea) returned: 'GOOD.IDEA'
--- /dev/null
+/*
+ * t_std_conf.c --- This program tests standard Krb5 routines which pull
+ * values from the krb5 config file(s).
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+
+#include "krb5.h"
+
+void test_get_default_realm(ctx)
+ krb5_context ctx;
+{
+ char *realm;
+ krb5_error_code retval;
+
+ retval = krb5_get_default_realm(ctx, &realm);
+ if (retval) {
+ com_err("krb5_get_default_realm", retval, 0);
+ return;
+ }
+ printf("krb5_get_default_realm() returned '%s'\n", realm);
+ free(realm);
+}
+
+void test_set_default_realm(ctx, realm)
+ krb5_context ctx;
+ char *realm;
+{
+ krb5_error_code retval;
+
+ retval = krb5_set_default_realm(ctx, realm);
+ if (retval) {
+ com_err("krb5_set_default_realm", retval, 0);
+ return;
+ }
+ printf("krb5_set_default_realm(%s)\n", realm);
+}
+
+void test_get_krbhst(ctx, realm)
+ krb5_context ctx;
+ char *realm;
+{
+ char **hostlist, **cpp;
+ krb5_data rlm;
+ krb5_error_code retval;
+
+ rlm.data = realm;
+ rlm.length = strlen(realm);
+ retval = krb5_get_krbhst(ctx, &rlm, &hostlist);
+ if (retval) {
+ com_err("krb5_get_krbhst", retval, 0);
+ return;
+ }
+ printf("krb_get_krbhst(%s) returned:", realm);
+ if (hostlist == 0) {
+ printf(" (null)\n");
+ return;
+ }
+ if (hostlist[0] == 0) {
+ printf(" (none)\n");
+ free(hostlist);
+ return;
+ }
+ for (cpp = hostlist; *cpp; cpp++) {
+ printf(" '%s'", *cpp);
+ free(*cpp);
+ }
+ free(hostlist);
+ printf("\n");
+}
+
+void test_locate_kdc(ctx, realm)
+ krb5_context ctx;
+ char *realm;
+{
+ struct sockaddr *addrs;
+ struct sockaddr_in *sin;
+ int i, naddrs;
+ krb5_data rlm;
+ krb5_error_code retval;
+
+ rlm.data = realm;
+ rlm.length = strlen(realm);
+ retval = krb5_locate_kdc(ctx, &rlm, &addrs, &naddrs);
+ if (retval) {
+ com_err("krb5_get_krbhst", retval, 0);
+ return;
+ }
+ printf("krb_get_krbhst(%s) returned:", realm);
+ for (i=0; i < naddrs; i++) {
+ sin = (struct sockaddr_in *) &addrs[i];
+ printf(" %s/%d", inet_ntoa(sin->sin_addr),
+ ntohs(sin->sin_port));
+ }
+ free(addrs);
+ printf("\n");
+}
+
+void test_get_host_realm(ctx, host)
+ krb5_context ctx;
+ char *host;
+{
+ char **realms, **cpp;
+ krb5_error_code retval;
+
+ retval = krb5_get_host_realm(ctx, host, &realms);
+ if (retval) {
+ com_err("krb5_get_host_realm", retval, 0);
+ return;
+ }
+ printf("krb_get_host_realm(%s) returned:", host);
+ if (realms == 0) {
+ printf(" (null)\n");
+ return;
+ }
+ if (realms[0] == 0) {
+ printf(" (none)\n");
+ free(realms);
+ return;
+ }
+ for (cpp = realms; *cpp; cpp++) {
+ printf(" '%s'", *cpp);
+ free(*cpp);
+ }
+ free(realms);
+ printf("\n");
+}
+
+void test_get_realm_domain(ctx, realm)
+ krb5_context ctx;
+ char *realm;
+{
+ krb5_error_code retval;
+ char *domain;
+
+ retval = krb5_get_realm_domain(ctx, realm, &domain);
+ if (retval) {
+ com_err("krb5_get_realm_domain", retval, 0);
+ return;
+ }
+ printf("krb5_get_realm_domain(%s) returned '%s'\n", realm, domain);
+ free(domain);
+}
+
+void usage(progname)
+ char *progname;
+{
+ fprintf(stderr, "%s: Usage: %s [-d] [-k realm] [-r host] [-D realm]\n",
+ progname, progname);
+ exit(1);
+}
+
+main(argc, argv)
+ int argc;
+ char **argv;
+{
+ int c;
+ krb5_context ctx;
+ krb5_error_code retval;
+
+ retval = krb5_init_context(&ctx);
+ if (retval) {
+ fprintf(stderr, "krb5_init_context returned error %ld\n",
+ retval);
+ exit(1);
+ }
+ krb5_init_ets(ctx);
+
+ while ((c = getopt(argc, argv, "dk:r:D:l:s:")) != EOF) {
+ switch (c) {
+ case 'd': /* Get default realm */
+ test_get_default_realm(ctx);
+ break;
+ case 'k': /* Get list of KDC's */
+ test_get_krbhst(ctx, optarg);
+ break;
+ case 'l':
+ test_locate_kdc(ctx, optarg);
+ break;
+ case 'r':
+ test_get_host_realm(ctx, optarg);
+ break;
+ case 's':
+ test_set_default_realm(ctx, optarg);
+ break;
+ case 'D':
+ test_get_realm_domain(ctx, optarg);
+ break;
+ default:
+ usage(argv[0]);
+ }
+ }
+ exit(0);
+}
--- /dev/null
+[libdefaults]
+ default_realm = DEFAULT.REALM.TST
+
+[realms]
+ DEFAULT_REALM.TST = {
+ kdc = FIRST.KDC.HOST:750
+ kdc = SECOND.KDC.HOST:88
+ admin_server = FIRST.KDC.HOST
+ default_domain = MIT.EDU
+ }
+ IGGY.ORG = {
+ kdc = KERBEROS.IGGY.ORG
+ kdc = KERBEROS-B.IGGY.ORG
+ }
+
+[domain_realm]
+ bad.idea = US.GOV
+ .bad.idea = NSA.GOV
+ clipper.bad.idea = NIST.GOV