diff options
| author | Zhanna Tsitkov <tsitkova@mit.edu> | 2009-12-30 19:53:16 +0000 |
|---|---|---|
| committer | Zhanna Tsitkov <tsitkova@mit.edu> | 2009-12-30 19:53:16 +0000 |
| commit | 913be2d995a7ea9cb8eea13f52fa06bef9c5fb40 (patch) | |
| tree | c8def5964c0920a835652b050313f2c634174140 /src/kdc | |
| parent | f164653ce35ed781acf29e59ab988fee89853166 (diff) | |
| download | krb5-913be2d995a7ea9cb8eea13f52fa06bef9c5fb40.tar.gz krb5-913be2d995a7ea9cb8eea13f52fa06bef9c5fb40.tar.xz krb5-913be2d995a7ea9cb8eea13f52fa06bef9c5fb40.zip | |
Move krb5int_get_domain_realm_mapping into kdc_util.c as this function is a helper in kdc code
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23546 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/kdc')
| -rw-r--r-- | src/kdc/kdc_util.c | 62 | ||||
| -rw-r--r-- | src/kdc/kdc_util.h | 4 |
2 files changed, 64 insertions, 2 deletions
diff --git a/src/kdc/kdc_util.c b/src/kdc/kdc_util.c index 475265e71..6ee96b266 100644 --- a/src/kdc/kdc_util.c +++ b/src/kdc/kdc_util.c @@ -182,7 +182,8 @@ is_local_principal(krb5_const_principal princ1) * Returns TRUE if the kerberos principal is the name of a Kerberos ticket * service. */ -krb5_boolean krb5_is_tgs_principal(krb5_const_principal principal) +krb5_boolean +krb5_is_tgs_principal(krb5_const_principal principal) { if ((krb5_princ_size(kdc_context, principal) > 0) && data_eq_string (*krb5_princ_component(kdc_context, principal, 0), @@ -2712,3 +2713,62 @@ cleanup: free(pa); return retval; } + + +krb5_error_code +krb5int_get_domain_realm_mapping(krb5_context context, + const char *host, char ***realmsp) +{ + char **retrealms; + char *realm, *cp, *temp_realm; + krb5_error_code retval; + char temp_host[MAX_DNS_NAMELEN+1]; + + /* do sanity check and lower-case */ + retval = krb5int_clean_hostname(context, host, temp_host, sizeof temp_host); + if (retval) + return retval; + /* + Search for the best match for the host or domain. + Example: Given a host a.b.c.d, try to match on: + 1) a.b.c.d 2) .b.c.d. 3) b.c.d 4) .c.d 5) c.d 6) .d 7) d + */ + + cp = temp_host; + realm = (char *)NULL; + temp_realm = 0; + while (cp ) { + retval = profile_get_string(context->profile, KRB5_CONF_DOMAIN_REALM, cp, + 0, (char *)NULL, &temp_realm); + if (retval) + return retval; + if (temp_realm != (char *)NULL) + break; /* Match found */ + + /* Setup for another test */ + if (*cp == '.') { + cp++; + } else { + cp = strchr(cp, '.'); + } + } + if (temp_realm != (char*)NULL) { + realm = strdup(temp_realm); + profile_release_string(temp_realm); + if (!realm) { + return ENOMEM; + } + } + retrealms = (char **)calloc(2, sizeof(*retrealms)); + if (!retrealms) { + if (realm != (char *)NULL) + free(realm); + return ENOMEM; + } + + retrealms[0] = realm; + retrealms[1] = 0; + + *realmsp = retrealms; + return 0; +} diff --git a/src/kdc/kdc_util.h b/src/kdc/kdc_util.h index 353bbfc5d..76af328dd 100644 --- a/src/kdc/kdc_util.h +++ b/src/kdc/kdc_util.h @@ -398,7 +398,9 @@ krb5_error_code kdc_handle_protected_negotiation( krb5_data *req_pkt, krb5_kdc_req *request, const krb5_keyblock *reply_key, krb5_pa_data **out_enc_padata, int *idx); - +krb5_error_code +krb5int_get_domain_realm_mapping(krb5_context context, + const char *host, char ***realmsp); #define isflagset(flagfield, flag) (flagfield & (flag)) |