Add profile support for libdefaults dns_fallback

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@11586 dc483132-0cff-0310-8789-dd5450dbe970
author: Jeffrey Altman <jaltman@secure-endpoints.com> 1999-07-23 03:17:46 +0000
committer: Jeffrey Altman <jaltman@secure-endpoints.com> 1999-07-23 03:17:46 +0000
commit: 63024a597bd2d002bada8ab62668fc58027a6162 (patch)
tree: 33247f806e875d57e5dc2f7d13db580536940ffa /src/lib
parent: 481f2576e2af8ef01340b3e5d6a493eab83d2305 (diff)
2 files changed, 70 insertions, 36 deletions
diff --git a/src/lib/krb5/os/def_realm.c b/src/lib/krb5/os/def_realm.c
index 4d6978395..690dcc633 100644
--- a/src/lib/krb5/os/def_realm.c
+++ b/src/lib/krb5/os/def_realm.c
@@ -65,18 +65,34 @@ krb5_get_default_realm(context, lrealm)
 	    return KV5M_CONTEXT;
 
     if (!context->default_realm) {
-	    /*
-	     * XXX should try to figure out a reasonable default based
-	     * on the host's DNS domain.
-	     */
-	    context->default_realm = 0;
-	    if (context->profile == 0)
-		    return KRB5_CONFIG_CANTOPEN;
-	    retval = profile_get_string(context->profile, "libdefaults",
-					"default_realm", 0, 0,
-					&context->default_realm);
+        /*
+         * XXX should try to figure out a reasonable default based
+         * on the host's DNS domain.
+         */
+        context->default_realm = 0;
+        if (context->profile == 0)
+            return KRB5_CONFIG_CANTOPEN;
+        retval = profile_get_string(context->profile, "libdefaults",
+                                     "default_realm", 0, 0,
+                                     &context->default_realm);
 #ifdef KRB5_DNS_LOOKUP
-	    if (context->default_realm == 0) {
+        if (context->default_realm == 0) {
+            int use_dns=0;
+            char * string=NULL;
+            krb5_error_code retval2;
+
+            retval2 = profile_get_string(context->profile, "libdefaults",
+                                          "dns_fallback", 0, 
+                                          context->profile_in_memory?"1":"0",
+                                          &string);
+            if ( retval2 )
+                return(retval2);
+
+            if ( string ) {
+                use_dns = krb5_conf_boolean(string);
+                free(string);
+            }
+            if ( use_dns ) {
 		/*
 		 * Since this didn't appear in our config file, try looking
 		 * it up via DNS.  Look for a TXT records of the form:
@@ -111,22 +127,23 @@ krb5_get_default_realm(context, lrealm)
 		if (retval) {
 		    return(KRB5_CONFIG_NODEFREALM);
 		}
-	    }
+            }
+        }
 #endif /* KRB5_DNS_LOOKUP */
     }
 
     if (context->default_realm == 0)
 	return(KRB5_CONFIG_NODEFREALM);
     if (context->default_realm[0] == 0) {
-	    free (context->default_realm);
-	    context->default_realm = 0;
-	    return KRB5_CONFIG_NODEFREALM;
+        free (context->default_realm);
+        context->default_realm = 0;
+        return KRB5_CONFIG_NODEFREALM;
     }
 
     realm = context->default_realm;
     
     if (!(*lrealm = cp = malloc((unsigned int) strlen(realm) + 1)))
-	    return ENOMEM;
+        return ENOMEM;
     strcpy(cp, realm);
     return(0);
 }
diff --git a/src/lib/krb5/os/hst_realm.c b/src/lib/krb5/os/hst_realm.c
index a2c76ade2..3bd766ea5 100644
--- a/src/lib/krb5/os/hst_realm.c
+++ b/src/lib/krb5/os/hst_realm.c
@@ -287,32 +287,49 @@ krb5_get_host_realm(context, host, realmsp)
 
 #ifdef KRB5_DNS_LOOKUP
     if (realm == (char *)NULL) {
-        /*
-        * Since this didn't appear in our config file, try looking
-        * it up via DNS.  Look for a TXT records of the form:
-        *
-        * _kerberos.<hostname>
-        * _kerberos.<searchlist>
-        * _kerberos.<defaultrealm>
-        *
-        */
-        cp = local_host;
-        do {
-            retval = krb5_try_realm_txt_rr("_kerberos", cp, &realm);
-            cp = strchr(cp,'.');
-            if (cp) 
-                cp++;
-        } while (retval && cp && cp[0]);
-        if (retval)
-            retval = krb5_try_realm_txt_rr("_kerberos", "", &realm);
-        if (retval && default_realm) {
-            cp = default_realm;
+        int use_dns=0;
+        char * string=NULL;
+        krb5_error_code retval2;
+
+        retval2 = profile_get_string(context->profile, "libdefaults",
+                                      "dns_fallback", 0, 
+                                      context->profile_in_memory?"1":"0",
+                                      &string);
+        if ( retval2 )
+            return(retval2);
+
+        if ( string ) {
+            use_dns = krb5_conf_boolean(string);
+            free(string);
+        }
+        if ( use_dns ) {
+            /*
+             * Since this didn't appear in our config file, try looking
+             * it up via DNS.  Look for a TXT records of the form:
+             *
+             * _kerberos.<hostname>
+             * _kerberos.<searchlist>
+             * _kerberos.<defaultrealm>
+             *
+             */
+            cp = local_host;
             do {
                 retval = krb5_try_realm_txt_rr("_kerberos", cp, &realm);
                 cp = strchr(cp,'.');
                 if (cp) 
                     cp++;
             } while (retval && cp && cp[0]);
+            if (retval)
+                retval = krb5_try_realm_txt_rr("_kerberos", "", &realm);
+            if (retval && default_realm) {
+                cp = default_realm;
+                do {
+                    retval = krb5_try_realm_txt_rr("_kerberos", cp, &realm);
+                    cp = strchr(cp,'.');
+                    if (cp) 
+                        cp++;
+                } while (retval && cp && cp[0]);
+            }
         }
     }
 #endif /* KRB5_DNS_LOOKUP */
author	Jeffrey Altman <jaltman@secure-endpoints.com>	1999-07-23 03:17:46 +0000
committer	Jeffrey Altman <jaltman@secure-endpoints.com>	1999-07-23 03:17:46 +0000
commit	63024a597bd2d002bada8ab62668fc58027a6162 (patch)
tree	33247f806e875d57e5dc2f7d13db580536940ffa /src/lib
parent	481f2576e2af8ef01340b3e5d6a493eab83d2305 (diff)