summaryrefslogtreecommitdiffstats
path: root/src/lib/krb5/os/sn2princ.c
Commit message (Collapse)AuthorAgeFilesLines
* Allow ":port" suffixes in sn2princ hostnamesGreg Hudson2013-12-111-2/+37
| | | | | | | | | MSSQLSvc principal names can contain a ":port" or ":instance" trailer on the hostname part. If we see that in the hostname argument of krb5_sname_to_principal(), remove it before canonicalizing the hostname and put it back on afterwards. ticket: 7795 (new)
* Modernize sn2princ.cGreg Hudson2013-12-111-133/+115
| | | | | Refactor and edit sn2princ.c to match current coding style. No behavior changes, except to be less chatty in trace logs.
* Add a flag to prevent all host canonicalizationGreg Hudson2013-09-061-1/+1
| | | | | | | | If dns_canonicalize_hostname is set to false in [libdefaults], krb5_sname_to_principal will not canonicalize the hostname using either forward or reverse lookups. ticket: 7703 (new)
* Simplify principal access within libkrb5Greg Hudson2013-04-081-1/+1
| | | | | For conciseness, directly use fields of krb5_principal objects instead of using the accessor macros.
* Convert DEBUG_REFERRALS to TRACE_* frameworkW. Trevor King2012-05-231-22/+5
| | | | | | | | | The referrals debugging code under DEBUG_REFERRALS ceased building correctly at some point. Convert this debugging code to use the tracing framework instead, including adding new trace macros to k5-trace.h. ticket: 7151
* Add missing newline to sn2princ debug messageGreg Hudson2012-05-141-1/+2
| | | | | | Patch from wking@tremily.us. ticket: 7131
* In sn2princ, getaddrinfo without AI_ADDRCONFIGGreg Hudson2012-05-031-1/+1
| | | | | | | | | | | | | | | | | | When canonicalizing a principal, use AI_CANONNAME alone in the hint flags for getaddrinfo, for two reasons. First, it works around a gnu libc bug where getaddrinfo does a PTR lookup for the canonical name (we tried to work around this in r24977 bug the addition of AI_ADDRCONFIG caused the same problem as the use of AF_INET). Second, an IPv4-only host should be able create a principal for an IPv6-only host even if it can't contact the host. This does result in extra AAAA queries in the common case (IPv4-only host contacting IPv4-only service), which is unfortunate. But we need to leave that optimization up to the platform at this point. ticket: 7124 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25844 dc483132-0cff-0310-8789-dd5450dbe970
* Fix free ofuninitialized memory in sname_to_princSam Hartman2011-12-021-2/+3
| | | | | | | | | | | Fix free of uninitialized memory in error case introduced in 1.10 development cycle. ticket: 7036 tags: pullup Target_Version: 1.10 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25498 dc483132-0cff-0310-8789-dd5450dbe970
* RFC 4120 says that we should not canonicalize using DNS. We cannot getSam Hartman2011-10-171-4/+3
| | | | | | | | | | | | | | that far today, but there's no reason we should fail to use a perfectly good principal name just because DNS is failing. For some services there isn't even a requirement they be in DNS. With AI_ADDRCONFIG there's no reason that Kerberos canonicalization should fail simply because a v6 address is not present, for example. So, if getaddrinfo fails in krb5_sname_to_principal simply use the input hostname uncanonicalized. sn2princ: On getaddrinfo failure use the input git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25357 dc483132-0cff-0310-8789-dd5450dbe970
* Work around glibc getaddrinfo PTR lookupsGreg Hudson2011-06-231-8/+1
| | | | | | | | | | | | | | | | | | | In krb5_sname_to_principal(), we always do a forward canonicalization using getaddrinfo() with AI_CANONNAME set. Then, we do a reverse canonicalization with getnameinfo() if rdns isn't set to false in libdefaults. Current glibc (tested with eglibc 2.11.1) has the arguably buggy behavior of doing PTR lookups in getaddrinfo() to get the canonical name, if hints.ai_family is set to something other than AF_UNSPEC. This behavior defeats the ability to turn off rdns. Work around this behavior by using AF_UNSPEC in krb5_sname_to_principal() from the start, instead of starting with AF_INET and falling back. Specify AI_ADDRCONFIG to avoid AAAA lookups on hosts with no IPv6 addresses. ticket: 6922 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24977 dc483132-0cff-0310-8789-dd5450dbe970
* Adjust most C source files to match the new standards for copyrightGreg Hudson2011-03-091-6/+4
| | | | | | and license comments. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24695 dc483132-0cff-0310-8789-dd5450dbe970
* In krb5_sname_to_principal, correctly handle failures fromGreg Hudson2010-09-151-2/+2
| | | | | | | | krb5_build_principal. ticket: 6777 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24309 dc483132-0cff-0310-8789-dd5450dbe970
* make mark-cstyleTom Yu2009-10-311-101/+101
| | | | | | make reindent git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23100 dc483132-0cff-0310-8789-dd5450dbe970
* Use macros for config parametersZhanna Tsitkov2009-02-041-2/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21879 dc483132-0cff-0310-8789-dd5450dbe970
* Start to phase out krb5_xfree macro, which just casts its argument toKen Raeburn2009-01-281-1/+1
| | | | | | | | | | | char* and calls free. Replace most uses, outside of the LDAP KDB plugin, which doesn't build on my test system of the moment because of version dependencies. Add one explicit cast to make the change warning-neutral (under gcc 4.0.1 on Mac OS X 10.5.6). git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21812 dc483132-0cff-0310-8789-dd5450dbe970
* Merge mskrb-integ onto trunkSam Hartman2009-01-031-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | The mskrb-integ branch includes support for the following projects: Projects/Aliases * Projects/PAC and principal APIs * Projects/AEAD encryption API * Projects/GSSAPI DCE * Projects/RFC 3244 In addition, it includes support for enctype negotiation, and a variety of GSS-API extensions. In the KDC it includes support for protocol transition, constrained delegation and a new authorization data interface. The old authorization data interface is also supported. This commit merges the mskrb-integ branch on to the trunk. Additional review and testing is required. Merge commit 'mskrb-integ' into trunk ticket: new status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21690 dc483132-0cff-0310-8789-dd5450dbe970
* Add prototype for krb5int_debug_fprint to os-proto.h. Include os-proto.h inEzra Peisach2006-10-131-2/+1
| | | | | | sn2princ.c. Cleans up warning for function definition w/o prototype. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18694 dc483132-0cff-0310-8789-dd5450dbe970
* Set the canonicalize flag in TGS requests and accept cross-realm referral ↵Sam Hartman2006-09-211-0/+24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | tickets. We do not yet accept tickets in which the server name changes. * krb5_sname_to_principal: If there is no domain realm mapping return null realm *krb5_get_cred_via_tkt: New behavior as described below 1) the referrals case: - check for TGT for initial realm - if a remote realm was specified (which must have happened via a domain_realm mapping), obtain a TGT for it the standard way and start with that. - use client realm for server if not specified - iterate through this loop: - request ticket with referrals turned on - if that fails: - if this was the first request, punt to non-referrals case - otherwise, retry once without referrals turned on then terminate either way - if it works, either use the service ticket or follow the referral path - if loop count exceeded, hardfail 2) the nonreferrals case - this is mostly the old walk_realm_tree TGT-finding (which allows limited shortcut referrals per 4120) followed by a standard tgs-req. - originally requested principal is used for this, although if we were handed something without a realm, determine a fallback realm based on DNS TXT records or a truncation of the domain name. ticket: 2652 Owner: amb git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18598 dc483132-0cff-0310-8789-dd5450dbe970
* Change a bunch of calls to ctype macros (those cited by Jeff, and aKen Raeburn2006-06-161-2/+2
| | | | | | | | few others) to cast the character values to unsigned char. ticket: 3445 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18156 dc483132-0cff-0310-8789-dd5450dbe970
* Delete definitions of unused macros NEED_SOCKETS and NEED_LOWLEVEL_IOKen Raeburn2005-04-131-1/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17177 dc483132-0cff-0310-8789-dd5450dbe970
* * sn2princ.c (krb5_sname_to_principal):Jeffrey Altman2005-03-061-20/+48
| | | | | | | | | | | conditionalize the use of reverse dns lookups. The default is to use the existing behavior. rdns can be disabled by specifying [libdefaults] rdns=false ticket: new tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17120 dc483132-0cff-0310-8789-dd5450dbe970
* protoizeKen Raeburn2002-09-031-6/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14816 dc483132-0cff-0310-8789-dd5450dbe970
* * sn2princ.c: Include fake-addrinfo.h.Ken Raeburn2002-07-091-15/+42
| | | | | | | (krb5_sname_to_principal): Use getaddrinfo and getnameinfo instead of gethostbyname and gethostbyaddr. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14620 dc483132-0cff-0310-8789-dd5450dbe970
* back out changes accidentally checked inKen Raeburn2002-07-081-51/+15
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14617 dc483132-0cff-0310-8789-dd5450dbe970
* * localaddr.c (get_localaddrs): Split out main body of krb5_os_localaddr, addKen Raeburn2002-07-081-15/+51
| | | | | | | | | | an argument to indicate whether addresses listed in the profile should be included. (krb5_os_localaddr): Call it. (krb5int_local_addresses): Call get_localaddrs but skip profile-listed addresses. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14616 dc483132-0cff-0310-8789-dd5450dbe970
* Danilo also says we can get rid of _MSDOS (Win16) tests, and explicit ↵Ken Raeburn2001-10-061-3/+3
| | | | | | FAR/NEAR specs git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13786 dc483132-0cff-0310-8789-dd5450dbe970
* Danilo says we can get rid of the DLLIMP stuff nowKen Raeburn2001-10-041-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13775 dc483132-0cff-0310-8789-dd5450dbe970
* * sn2princ.c: Do not cast away const char * in call to strdupEzra Peisach2001-07-251-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13637 dc483132-0cff-0310-8789-dd5450dbe970
* * sn2princ.c (krb5_sname_to_principal): Cast tolower argument to intEzra Peisach2001-07-061-1/+1
| | | | | | | * hst_realm.c (krb5_get_host_realm): Cast argument to toupper and tolower to int. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13576 dc483132-0cff-0310-8789-dd5450dbe970
* * sn2princ.c, hst_realm.c, an_to_ln.c: Cast argument toEzra Peisach2001-06-121-1/+1
| | | | | | | | | isupper()/isspace()/islower() to int. * t_std_conf.c (test_locate_kdc): krb5_locate_kdc expects a struct sockaddr *** as a third argument instead of sockaddr **. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13339 dc483132-0cff-0310-8789-dd5450dbe970
* * t_an_to_ln.c: Include <stdio.h> for prototypesEzra Peisach2000-06-301-1/+1
| | | | | | | | | | | | | | * locate_kdc.c (krb5_locate_srv_dns): Remove unused variable. * changepw.c, sendto_kdc.c, sn2princ.c: Add parentheses around assignment used as truth value. * ccdefname.c (get_from_os): Cast return from getuid() to long and indicate use of format in sprintf. gcc -Wall complaints. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12482 dc483132-0cff-0310-8789-dd5450dbe970
* copyright notice updates from 1.1 branchKen Raeburn1999-09-241-1/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@11853 dc483132-0cff-0310-8789-dd5450dbe970
* Changed errno to SOCKET_ERRNO/SOCKET_SET_ERRNO for Mac OT SocketsLibAlexandra Ellwood1999-06-081-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@11496 dc483132-0cff-0310-8789-dd5450dbe970
* sn2princ.c (krb5_sname_to_principal): Windows NT5's broken resolverTheodore Tso1999-01-051-0/+12
| | | | | | | gratuitously tacks on a trailing period to the hostname (at least it does in Beta2). Deal with this brain-damage. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@11102 dc483132-0cff-0310-8789-dd5450dbe970
* Windows/NT integration (V1_0_WIN32_BRANCH merge)Richard Basch1997-02-061-4/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@9788 dc483132-0cff-0310-8789-dd5450dbe970
* * configure.in: Test that regcomp actually worksKen Raeburn1996-04-301-3/+1
| | | | | | | | * Makefile.in (check-unix): Use $(RM). * t_an_to_ln.c (main): Print principal name when an error is detected. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7874 dc483132-0cff-0310-8789-dd5450dbe970
* Whitespace cleanupRichard Basch1996-04-251-11/+10
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7858 dc483132-0cff-0310-8789-dd5450dbe970
* Backed out the patch for const pointer reassignments; it was legal ANSIRichard Basch1996-03-251-9/+7
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7709 dc483132-0cff-0310-8789-dd5450dbe970
* Back out last change and use a cast to avoid warnings.Ezra Peisach1996-03-191-2/+5
| | | | | | | Richard has indicated that come compilers get upset if you try to reassign a const char *. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7659 dc483132-0cff-0310-8789-dd5450dbe970
* * sn2princ.c (krb5_sname_to_principal): Do not assign a const char *Ezra Peisach1996-03-181-2/+2
| | | | | | to a non-const char *. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7658 dc483132-0cff-0310-8789-dd5450dbe970
* Do not try to reassign "const" variablesRichard Basch1996-03-181-11/+10
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7657 dc483132-0cff-0310-8789-dd5450dbe970
* * Don't always use the default realm on localhost, so that the domain to ↵Sam Hartman1995-07-311-12/+5
| | | | | | realm mapping can be used to overide for localhost git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6371 dc483132-0cff-0310-8789-dd5450dbe970
* locate_kdc.c: Don't include sys/socket.h, netdb.h, netinet/in.h,Theodore Tso1995-03-241-3/+0
| | | | | | | | | | | | since these files are already included by k5-config.h sendto_kdc.c: Don't include sys/socket.h, since it is already included by k5-config.h sn2princ.c: Don't include netdb.h, since it is already included by k5-config.h git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@5239 dc483132-0cff-0310-8789-dd5450dbe970
* Port of most of the OS directory to the PCKeith Vetter1995-03-071-1/+6
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@5079 dc483132-0cff-0310-8789-dd5450dbe970
* Avoid <krb5/...> includesJohn Gilmore1995-02-281-4/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@5014 dc483132-0cff-0310-8789-dd5450dbe970
* Removed all references to DECLARG and OLDDECLARG.Chris Provenzano1995-01-131-13/+11
| | | | | | | | | Added krb5_context to all krb5_routines. Moved init_ctx.c to init_os_ctx.c because a library cannot have more than on file with the same name. See krb5/krb/init_ctx.c git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@4811 dc483132-0cff-0310-8789-dd5450dbe970
* stamp out rcs keywordsMark Eichin1994-08-181-6/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@4191 dc483132-0cff-0310-8789-dd5450dbe970
* Try doing a reverse address resolution to get the real hostname..Theodore Tso1994-06-021-0/+21
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@3679 dc483132-0cff-0310-8789-dd5450dbe970
* Free all memory on errorsTheodore Tso1993-12-241-15/+25
| | | | | | If the hostname passed in is NULL, use the default local realm. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@3270 dc483132-0cff-0310-8789-dd5450dbe970
* Change use of xfree to krb5_xfree to prevent namespace pollutionTheodore Tso1993-10-151-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@2670 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2024-11-17 21:24:21 +0000