diff options
author | Ken Raeburn <raeburn@mit.edu> | 2002-07-08 19:49:39 +0000 |
---|---|---|
committer | Ken Raeburn <raeburn@mit.edu> | 2002-07-08 19:49:39 +0000 |
commit | 7b9ea4f7834eff53ff5606cbea75fe1c39d6c146 (patch) | |
tree | 7de7420e51adc2baf379ba7036d601aecc8dc8ba /src/lib/krb5/os/sn2princ.c | |
parent | e30be15aa7fef3e9d02334670b6f4d34a8e4380d (diff) | |
download | krb5-7b9ea4f7834eff53ff5606cbea75fe1c39d6c146.zip krb5-7b9ea4f7834eff53ff5606cbea75fe1c39d6c146.tar.gz krb5-7b9ea4f7834eff53ff5606cbea75fe1c39d6c146.tar.bz2 |
* localaddr.c (get_localaddrs): Split out main body of krb5_os_localaddr, add
an argument to indicate whether addresses listed in the profile should be
included.
(krb5_os_localaddr): Call it.
(krb5int_local_addresses): Call get_localaddrs but skip profile-listed
addresses.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14616 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib/krb5/os/sn2princ.c')
-rw-r--r-- | src/lib/krb5/os/sn2princ.c | 66 |
1 files changed, 51 insertions, 15 deletions
diff --git a/src/lib/krb5/os/sn2princ.c b/src/lib/krb5/os/sn2princ.c index ba32c0a..0a3141c 100644 --- a/src/lib/krb5/os/sn2princ.c +++ b/src/lib/krb5/os/sn2princ.c @@ -1,7 +1,7 @@ /* * lib/krb5/os/sn2princ.c * - * Copyright 1991 by the Massachusetts Institute of Technology. + * Copyright 1991,2002 by the Massachusetts Institute of Technology. * All Rights Reserved. * * Export of this software from the United States of America may @@ -30,6 +30,7 @@ #define NEED_SOCKETS #include "k5-int.h" +#include "fake-addrinfo.h" #include <ctype.h> #ifdef HAVE_SYS_PARAM_H #include <sys/param.h> @@ -43,7 +44,6 @@ krb5_sname_to_principal(context, hostname, sname, type, ret_princ) krb5_int32 type; krb5_principal * ret_princ; { - struct hostent *hp; char **hrealms, *realm, *remote_host; krb5_error_code retval; register char *cp; @@ -67,27 +67,63 @@ krb5_sname_to_principal(context, hostname, sname, type, ret_princ) /* copy the hostname into non-volatile storage */ if (type == KRB5_NT_SRV_HST) { - char *addr; - - if (!(hp = gethostbyname(hostname))) + struct addrinfo *ai, hints; + int err; + char hnamebuf[NI_MAXHOST]; + + if (strspn(hostname, "01234567890.") == strlen(hostname)) { + /* All numbers and dots... if it's three dots, it's an + IP address, and we reject it. But "12345" could be + a local hostname, couldn't it? We'll just assume + that a name with three dots is not meant to be an + all-numeric hostname three all-numeric domains down + from the current domain. */ + int ndots = 0; + const char *p; + for (p = hostname; *p; p++) + if (*p == '.') + ndots++; + if (ndots == 3) + return KRB5_ERR_BAD_HOSTNAME; + } + if (strchr(hostname, ':')) + /* IPv6 numeric address form? Bye bye. */ + return KRB5_ERR_BAD_HOSTNAME; + + memset(&hints, 0, sizeof(hints)); + hints.ai_family = AF_INET; + try_getaddrinfo_again: + err = getaddrinfo(hostname, 0, &hints, &ai); + if (err) { + if (hints.ai_family == AF_INET) { + /* Just in case it's an IPv6-only name. */ + hints.ai_family = 0; + goto try_getaddrinfo_again; + } return KRB5_ERR_BAD_HOSTNAME; - remote_host = strdup(hp->h_name); - if (!remote_host) + } + remote_host = strdup(ai->ai_canonname ? ai->ai_canonname : hostname); + if (!remote_host) { + freeaddrinfo(ai); return ENOMEM; + } /* * Do a reverse resolution to get the full name, just in * case there's some funny business going on. If there * isn't an in-addr record, give up. */ - addr = malloc(hp->h_length); - if (!addr) - return ENOMEM; - memcpy(addr, hp->h_addr, hp->h_length); - hp = gethostbyaddr(addr, hp->h_length, hp->h_addrtype); - free(addr); - if (hp) { + /* XXX: This is *so* bogus. There are several cases where + this won't get us the canonical name of the host, but + this is what we've trained people to expect. We'll + probably fix it at some point, but let's try to + preserve the current behavior and only shake things up + once when it comes time to fix this lossage. */ + err = getnameinfo(ai->ai_addr, ai->ai_addrlen, + hnamebuf, sizeof(hnamebuf), 0, 0, NI_NAMEREQD); + freeaddrinfo(ai); + if (err == 0) { free(remote_host); - remote_host = strdup(hp->h_name); + remote_host = strdup(hnamebuf); if (!remote_host) return ENOMEM; } |