diff options
author | Greg Hudson <ghudson@mit.edu> | 2013-09-05 18:30:02 -0400 |
---|---|---|
committer | Greg Hudson <ghudson@mit.edu> | 2013-09-06 01:02:28 -0400 |
commit | 60edb321af64081e3eb597da0256faf117c9c441 (patch) | |
tree | 698137c48805a6b3381e531ddbfcc46fe5cab73a /src/include | |
parent | 9e37d01a0122904776fada43ec65425c375414d8 (diff) | |
download | krb5-60edb321af64081e3eb597da0256faf117c9c441.tar.gz krb5-60edb321af64081e3eb597da0256faf117c9c441.tar.xz krb5-60edb321af64081e3eb597da0256faf117c9c441.zip |
Add a flag to prevent all host canonicalization
If dns_canonicalize_hostname is set to false in [libdefaults],
krb5_sname_to_principal will not canonicalize the hostname using
either forward or reverse lookups.
ticket: 7703 (new)
Diffstat (limited to 'src/include')
-rw-r--r-- | src/include/k5-int.h | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/src/include/k5-int.h b/src/include/k5-int.h index 5119e66da6..f84fbd8359 100644 --- a/src/include/k5-int.h +++ b/src/include/k5-int.h @@ -207,6 +207,7 @@ typedef INT64_TYPE krb5_int64; #define KRB5_CONF_DISABLE "disable" #define KRB5_CONF_DISABLE_LAST_SUCCESS "disable_last_success" #define KRB5_CONF_DISABLE_LOCKOUT "disable_lockout" +#define KRB5_CONF_DNS_CANONICALIZE_HOSTNAME "dns_canonicalize_hostname" #define KRB5_CONF_DNS_LOOKUP_KDC "dns_lookup_kdc" #define KRB5_CONF_DNS_LOOKUP_REALM "dns_lookup_realm" #define KRB5_CONF_DNS_FALLBACK "dns_fallback" @@ -1175,6 +1176,7 @@ struct _krb5_context { krb5_boolean allow_weak_crypto; krb5_boolean ignore_acceptor_hostname; + krb5_boolean dns_canonicalize_hostname; krb5_trace_callback trace_callback; void *trace_callback_data; |