diff options
| author | Theodore Tso <tytso@mit.edu> | 1994-06-10 19:45:50 +0000 |
|---|---|---|
| committer | Theodore Tso <tytso@mit.edu> | 1994-06-10 19:45:50 +0000 |
| commit | 0558de4ee026f18c9a0c26153990afcad96a6886 (patch) | |
| tree | d920c7aaff6028847092102ffdbf7bd9ab5374e4 | |
| parent | 34ff54b966b69ec54a75fcc9297b5d37d9c5871b (diff) | |
| download | krb5-0558de4ee026f18c9a0c26153990afcad96a6886.tar.gz krb5-0558de4ee026f18c9a0c26153990afcad96a6886.tar.xz krb5-0558de4ee026f18c9a0c26153990afcad96a6886.zip | |
Allow default realm to be overriden by extern variable
Cache default realm so that we don't have to repeatedly open /etc/krb.conf.
(Also prevents possible security problems if /etc/krb.conf is over the network,
and an attacker spoofs /etc/krb.conf for some calls to get_default_realm,
but not all of them.)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@3726 dc483132-0cff-0310-8789-dd5450dbe970
| -rw-r--r-- | src/lib/krb5/os/def_realm.c | 49 |
1 files changed, 41 insertions, 8 deletions
diff --git a/src/lib/krb5/os/def_realm.c b/src/lib/krb5/os/def_realm.c index 247d161c7..809ee4405 100644 --- a/src/lib/krb5/os/def_realm.c +++ b/src/lib/krb5/os/def_realm.c @@ -51,24 +51,57 @@ static char rcsid_def_realm_c[] = extern char *krb5_config_file; /* extern so can be set at load/runtime */ + +/* + * In case the program wants to override this. + */ +extern char *krb5_override_default_realm; + +char *krb5_override_default_realm = 0; + krb5_error_code krb5_get_default_realm(lrealm) char **lrealm; { FILE *config_file; char realmbuf[BUFSIZ]; + static char *saved_realm = 0; + char *realm; char *cp; - if (!(config_file = fopen(krb5_config_file, "r"))) - /* can't open */ - return KRB5_CONFIG_CANTOPEN; + if (krb5_override_default_realm) + realm = krb5_override_default_realm; + else if (saved_realm) + realm = saved_realm; + else { + if (!(config_file = fopen(krb5_config_file, "r"))) + /* can't open */ + return KRB5_CONFIG_CANTOPEN; + + if (fgets(realmbuf, sizeof(realmbuf), config_file) == NULL) { + fclose(config_file); + return(KRB5_CONFIG_BADFORMAT); + } + fclose(config_file); + + realmbuf[BUFSIZ-1] = '0'; + cp = strchr(realmbuf, '\n'); + if (cp) + *cp = '\0'; + cp = strchr(realmbuf, ' '); + if (cp) + *cp = '\0'; + + saved_realm = malloc(strlen (realmbuf) + 1); + if (!saved_realm) + return ENOMEM; + + strcpy(saved_realm, realmbuf); - if (fscanf(config_file, "%s", realmbuf) != 1) { - fclose(config_file); - return( KRB5_CONFIG_BADFORMAT); + realm = saved_realm; } - fclose(config_file); - if (!(*lrealm = cp = malloc((unsigned int) strlen(realmbuf) + 1))) + + if (!(*lrealm = cp = malloc((unsigned int) strlen(realm) + 1))) return ENOMEM; strcpy(cp, realmbuf); return(0); |