From: Zhanna Tsitkov Date: Wed, 30 Dec 2009 19:53:16 +0000 (+0000) Subject: Move krb5int_get_domain_realm_mapping into kdc_util.c as this function is a helper... X-Git-Tag: krb5-1.8-alpha1~44 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=913be2d995a7ea9cb8eea13f52fa06bef9c5fb40;p=krb5.git Move krb5int_get_domain_realm_mapping into kdc_util.c as this function is a helper in kdc code git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23546 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/include/k5-int.h b/src/include/k5-int.h index ec5843f35..2a4f1d819 100644 --- a/src/include/k5-int.h +++ b/src/include/k5-int.h @@ -2106,6 +2106,9 @@ struct srv_dns_entry { char *host; }; #ifdef KRB5_DNS_LOOKUP + +#define MAX_DNS_NAMELEN (15*(MAXHOSTNAMELEN + 1)+1) + krb5_error_code krb5int_make_srv_query_realm(const krb5_data *realm, const char *service, diff --git a/src/kdc/kdc_util.c b/src/kdc/kdc_util.c index 475265e71..6ee96b266 100644 --- a/src/kdc/kdc_util.c +++ b/src/kdc/kdc_util.c @@ -182,7 +182,8 @@ is_local_principal(krb5_const_principal princ1) * Returns TRUE if the kerberos principal is the name of a Kerberos ticket * service. */ -krb5_boolean krb5_is_tgs_principal(krb5_const_principal principal) +krb5_boolean +krb5_is_tgs_principal(krb5_const_principal principal) { if ((krb5_princ_size(kdc_context, principal) > 0) && data_eq_string (*krb5_princ_component(kdc_context, principal, 0), @@ -2712,3 +2713,62 @@ cleanup: free(pa); return retval; } + + +krb5_error_code +krb5int_get_domain_realm_mapping(krb5_context context, + const char *host, char ***realmsp) +{ + char **retrealms; + char *realm, *cp, *temp_realm; + krb5_error_code retval; + char temp_host[MAX_DNS_NAMELEN+1]; + + /* do sanity check and lower-case */ + retval = krb5int_clean_hostname(context, host, temp_host, sizeof temp_host); + if (retval) + return retval; + /* + Search for the best match for the host or domain. + Example: Given a host a.b.c.d, try to match on: + 1) a.b.c.d 2) .b.c.d. 3) b.c.d 4) .c.d 5) c.d 6) .d 7) d + */ + + cp = temp_host; + realm = (char *)NULL; + temp_realm = 0; + while (cp ) { + retval = profile_get_string(context->profile, KRB5_CONF_DOMAIN_REALM, cp, + 0, (char *)NULL, &temp_realm); + if (retval) + return retval; + if (temp_realm != (char *)NULL) + break; /* Match found */ + + /* Setup for another test */ + if (*cp == '.') { + cp++; + } else { + cp = strchr(cp, '.'); + } + } + if (temp_realm != (char*)NULL) { + realm = strdup(temp_realm); + profile_release_string(temp_realm); + if (!realm) { + return ENOMEM; + } + } + retrealms = (char **)calloc(2, sizeof(*retrealms)); + if (!retrealms) { + if (realm != (char *)NULL) + free(realm); + return ENOMEM; + } + + retrealms[0] = realm; + retrealms[1] = 0; + + *realmsp = retrealms; + return 0; +} diff --git a/src/kdc/kdc_util.h b/src/kdc/kdc_util.h index 353bbfc5d..76af328dd 100644 --- a/src/kdc/kdc_util.h +++ b/src/kdc/kdc_util.h @@ -398,7 +398,9 @@ krb5_error_code kdc_handle_protected_negotiation( krb5_data *req_pkt, krb5_kdc_req *request, const krb5_keyblock *reply_key, krb5_pa_data **out_enc_padata, int *idx); - +krb5_error_code +krb5int_get_domain_realm_mapping(krb5_context context, + const char *host, char ***realmsp); #define isflagset(flagfield, flag) (flagfield & (flag)) diff --git a/src/lib/krb5/libkrb5.exports b/src/lib/krb5/libkrb5.exports index e7c191b63..acfa2eaac 100644 --- a/src/lib/krb5/libkrb5.exports +++ b/src/lib/krb5/libkrb5.exports @@ -572,6 +572,7 @@ krb5_write_message krb5int_accessor krb5int_cc_default krb5int_cleanup_library +krb5int_clean_hostname krb5int_cm_call_select krb5int_copy_data_contents_add0 krb5int_find_authdata @@ -580,7 +581,6 @@ krb5int_foreach_localaddr krb5int_free_addrlist krb5int_free_data_list krb5int_get_authdata_containee_types -krb5int_get_domain_realm_mapping krb5int_init_context_kdc krb5int_initialize_library krb5int_pac_sign diff --git a/src/lib/krb5/os/def_realm.c b/src/lib/krb5/os/def_realm.c index 5b6f88d7e..878aa2906 100644 --- a/src/lib/krb5/os/def_realm.c +++ b/src/lib/krb5/os/def_realm.c @@ -51,8 +51,6 @@ #define MAXHOSTNAMELEN 64 #endif -#define MAX_DNS_NAMELEN (15*(MAXHOSTNAMELEN + 1)+1) - #endif /* KRB5_DNS_LOOKUP */ /* @@ -188,60 +186,3 @@ krb5_free_default_realm(krb5_context context, char *lrealm) { free (lrealm); } - -krb5_error_code -krb5int_get_domain_realm_mapping(krb5_context context, const char *host, char ***realmsp) -{ - char **retrealms; - char *realm, *cp, *temp_realm; - krb5_error_code retval; - char temp_host[MAX_DNS_NAMELEN+1]; - - /* do sanity check and lower-case */ - retval = krb5int_clean_hostname(context, host, temp_host, sizeof temp_host); - if (retval) - return retval; - /* - Search for the best match for the host or domain. - Example: Given a host a.b.c.d, try to match on: - 1) a.b.c.d 2) .b.c.d. 3) b.c.d 4) .c.d 5) c.d 6) .d 7) d - */ - - cp = temp_host; - realm = (char *)NULL; - temp_realm = 0; - while (cp ) { - retval = profile_get_string(context->profile, KRB5_CONF_DOMAIN_REALM, cp, - 0, (char *)NULL, &temp_realm); - if (retval) - return retval; - if (temp_realm != (char *)NULL) - break; /* Match found */ - - /* Setup for another test */ - if (*cp == '.') { - cp++; - } else { - cp = strchr(cp, '.'); - } - } - if (temp_realm != (char*)NULL) { - realm = strdup(temp_realm); - profile_release_string(temp_realm); - if (!realm) { - return ENOMEM; - } - } - retrealms = (char **)calloc(2, sizeof(*retrealms)); - if (!retrealms) { - if (realm != (char *)NULL) - free(realm); - return ENOMEM; - } - - retrealms[0] = realm; - retrealms[1] = 0; - - *realmsp = retrealms; - return 0; -}