diff options
| author | Greg Hudson <ghudson@mit.edu> | 2013-09-05 18:30:02 -0400 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2013-09-06 01:02:28 -0400 |
| commit | 60edb321af64081e3eb597da0256faf117c9c441 (patch) | |
| tree | 698137c48805a6b3381e531ddbfcc46fe5cab73a /src/lib/krb5/krb | |
| parent | 9e37d01a0122904776fada43ec65425c375414d8 (diff) | |
| download | krb5-60edb321af64081e3eb597da0256faf117c9c441.tar.gz krb5-60edb321af64081e3eb597da0256faf117c9c441.tar.xz krb5-60edb321af64081e3eb597da0256faf117c9c441.zip | |
Add a flag to prevent all host canonicalization
If dns_canonicalize_hostname is set to false in [libdefaults],
krb5_sname_to_principal will not canonicalize the hostname using
either forward or reverse lookups.
ticket: 7703 (new)
Diffstat (limited to 'src/lib/krb5/krb')
| -rw-r--r-- | src/lib/krb5/krb/init_ctx.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/src/lib/krb5/krb/init_ctx.c b/src/lib/krb5/krb/init_ctx.c index 3f4aad4fd6..252596d142 100644 --- a/src/lib/krb5/krb/init_ctx.c +++ b/src/lib/krb5/krb/init_ctx.c @@ -210,6 +210,11 @@ krb5_init_context_profile(profile_t profile, krb5_flags flags, goto cleanup; ctx->ignore_acceptor_hostname = tmp; + retval = get_boolean(ctx, KRB5_CONF_DNS_CANONICALIZE_HOSTNAME, 1, &tmp); + if (retval) + goto cleanup; + ctx->dns_canonicalize_hostname = tmp; + /* initialize the prng (not well, but passable) */ if ((retval = krb5_c_random_os_entropy( ctx, 0, NULL)) !=0) goto cleanup; |