diff options
author | Andrew Boardman <amb@mit.edu> | 2006-08-15 22:51:55 +0000 |
---|---|---|
committer | Andrew Boardman <amb@mit.edu> | 2006-08-15 22:51:55 +0000 |
commit | 97b07d30145e655bfb53e7eaa8c40a2c26968b2e (patch) | |
tree | 55d46b152c4f9154dc55a1ba3e16b7fecd14e468 | |
parent | 79587adbcb84750f5417bf827b76fb72aa6e4eac (diff) | |
download | krb5-97b07d30145e655bfb53e7eaa8c40a2c26968b2e.zip krb5-97b07d30145e655bfb53e7eaa8c40a2c26968b2e.tar.gz krb5-97b07d30145e655bfb53e7eaa8c40a2c26968b2e.tar.bz2 |
Split off hostname munging code into krb5_clean_hostname. Currently
broken work-in-progress.
git-svn-id: svn://anonsvn.mit.edu/krb5/users/amb/referrals@18446 dc483132-0cff-0310-8789-dd5450dbe970
-rw-r--r-- | src/lib/krb5/os/hst_realm.c | 139 |
1 files changed, 90 insertions, 49 deletions
diff --git a/src/lib/krb5/os/hst_realm.c b/src/lib/krb5/os/hst_realm.c index 9a60493..ae3e153 100644 --- a/src/lib/krb5/os/hst_realm.c +++ b/src/lib/krb5/os/hst_realm.c @@ -196,54 +196,13 @@ krb5_error_code KRB5_CALLCONV krb5_get_host_realm(krb5_context context, const char *host, char ***realmsp) { char **retrealms; - char *default_realm, *realm, *cp, *temp_realm; + char *realm, *cp, *temp_realm; krb5_error_code retval; - int l; char local_host[MAXDNAME+1]; printf("get_host_realm(host:%s) called\n",host); - if (host) { - /* Filter out numeric addresses if the caller utterly failed to - convert them to names. */ - /* IPv4 - dotted quads only */ - if (strspn(host, "01234567890.") == strlen(host)) { - /* All numbers and dots... if it's three dots, it's an - IP address, and we reject it. But "12345" could be - a local hostname, couldn't it? We'll just assume - that a name with three dots is not meant to be an - all-numeric hostname three all-numeric domains down - from the current domain. */ - int ndots = 0; - const char *p; - for (p = host; *p; p++) - if (*p == '.') - ndots++; - if (ndots == 3) - return KRB5_ERR_NUMERIC_REALM; - } - if (strchr(host, ':')) - /* IPv6 numeric address form? Bye bye. */ - return KRB5_ERR_NUMERIC_REALM; - - /* Should probably error out if strlen(host) > MAXDNAME. */ - strncpy(local_host, host, sizeof(local_host)); - local_host[sizeof(local_host) - 1] = '\0'; - } else { - retval = krb5int_get_fq_local_hostname (local_host, - sizeof (local_host)); - if (retval) - return retval; - } - - for (cp = local_host; *cp; cp++) { - if (isupper((unsigned char) (*cp))) - *cp = tolower((unsigned char) *cp); - } - l = strlen(local_host); - /* strip off trailing dot */ - if (l && local_host[l-1] == '.') - local_host[l-1] = 0; + krb5_clean_hostname(context, host, &local_host); /* Search for the best match for the host or domain. @@ -259,7 +218,7 @@ krb5_get_host_realm(krb5_context context, const char *host, char ***realmsp) cp = local_host; printf(" local_host: %s\n",local_host); - realm = default_realm = (char *)NULL; + realm = (char *)NULL; temp_realm = 0; while (cp) { printf(" trying to look up %s in the domain_realm map\n",cp); @@ -273,10 +232,6 @@ krb5_get_host_realm(krb5_context context, const char *host, char ***realmsp) /* Setup for another test */ if (*cp == '.') { cp++; - if (default_realm == (char *)NULL) { - /* If nothing else works, use the host's domain */ - default_realm = cp; - } } else { cp = strchr(cp, '.'); } @@ -371,7 +326,29 @@ krb5_get_fallback_host_realm(krb5_context context, const char *host, char ***rea krb5_error_code retval; char local_host[MAXDNAME+1]; - printf("get_fallback_host_realm(host:%s) called\n",host); + printf("get_fallback_host_realm(host >%s<) called\n",host); + + krb5_clean_hostname(context, host, &local_host); + + /* Scan hostname for DNS realm, and save as last-ditch realm + assumption. */ + cp = local_host; + printf(" local_host: %s\n",local_host); + realm = default_realm = (char *)NULL; + temp_realm = 0; + while (cp && !default_realm) { + if (*cp == '.') { + cp++; + if (default_realm == (char *)NULL) { + /* If nothing else works, use the host's domain */ + default_realm = cp; + } + } else { + cp = strchr(cp, '.'); + } + } + printf(" done finding DNS-based default realm: >%s<\n",default_realm); + #ifdef KRB5_DNS_LOOKUP if (realm == (char *)NULL) { @@ -394,6 +371,8 @@ krb5_get_fallback_host_realm(krb5_context context, const char *host, char ***rea } } #endif /* KRB5_DNS_LOOKUP */ + + if (realm == (char *)NULL) { if (default_realm != (char *)NULL) { /* We are defaulting to the realm of the host */ @@ -426,3 +405,65 @@ krb5_get_fallback_host_realm(krb5_context context, const char *host, char ***rea *realmsp = retrealms; return 0; } + +/* + * Common code for krb5_get_host_realm and krb5_get_fallback_host_realm + * to do basic sanity checks on supplied hostname. + */ +krb5_error_code KRB5_CALLCONV +krb5_clean_hostname(krb5_context context, const char *host, char **local_hostp) +{ + char **retrealms; + char *realm, *cp, *temp_realm, *local_host; + krb5_error_code retval; + int l; + + local_host=*local_hostp; + + printf("krb5_clean_hostname called: host<%s>, local_host<%s>\n",host,local_host); + if (host) { + /* Filter out numeric addresses if the caller utterly failed to + convert them to names. */ + /* IPv4 - dotted quads only */ + if (strspn(host, "01234567890.") == strlen(host)) { + /* All numbers and dots... if it's three dots, it's an + IP address, and we reject it. But "12345" could be + a local hostname, couldn't it? We'll just assume + that a name with three dots is not meant to be an + all-numeric hostname three all-numeric domains down + from the current domain. */ + int ndots = 0; + const char *p; + for (p = host; *p; p++) + if (*p == '.') + ndots++; + if (ndots == 3) + return KRB5_ERR_NUMERIC_REALM; + } + if (strchr(host, ':')) + /* IPv6 numeric address form? Bye bye. */ + return KRB5_ERR_NUMERIC_REALM; + + /* Should probably error out if strlen(host) > MAXDNAME. */ + strncpy(local_host, host, sizeof(local_host)); + local_host[sizeof(local_host) - 1] = '\0'; + } else { + retval = krb5int_get_fq_local_hostname (local_host, + sizeof (local_host)); + if (retval) + return retval; + } + + /* fold to lowercase */ + for (cp = local_host; *cp; cp++) { + if (isupper((unsigned char) (*cp))) + *cp = tolower((unsigned char) *cp); + } + l = strlen(local_host); + /* strip off trailing dot */ + if (l && local_host[l-1] == '.') + local_host[l-1] = 0; + + printf("krb5_clean_hostname ending: host<%s>, local_host<%s>\n",host,local_host); + return 0; +} |