diff options
Diffstat (limited to 'src/lib')
-rw-r--r-- | src/lib/krb5/os/ChangeLog | 7 | ||||
-rw-r--r-- | src/lib/krb5/os/locate_kdc.c | 18 |
2 files changed, 23 insertions, 2 deletions
diff --git a/src/lib/krb5/os/ChangeLog b/src/lib/krb5/os/ChangeLog index 1b445a6..afbfa48 100644 --- a/src/lib/krb5/os/ChangeLog +++ b/src/lib/krb5/os/ChangeLog @@ -1,3 +1,10 @@ +2000-08-31 Jeffrey Altman <jaltman@columbia.edu> + + * locate_kdc.c: krb5_locate_srv_dns() + Ensure that res_search() is called with a query string + that is terminated by a '.' in order to disable the + expansion of dns-search lists. + 2000-07-22 Tom Yu <tlyu@mit.edu> * accessor.c: Add NEED_SOCKETS in order to get prototype for diff --git a/src/lib/krb5/os/locate_kdc.c b/src/lib/krb5/os/locate_kdc.c index b7e6826..25ab97b 100644 --- a/src/lib/krb5/os/locate_kdc.c +++ b/src/lib/krb5/os/locate_kdc.c @@ -359,7 +359,7 @@ krb5_locate_srv_dns(realm, service, protocol, addr_pp, naddrs) int priority; int weight; unsigned short port; - char *host; + char *host, *h; }; struct srv_dns_entry *head = NULL; @@ -383,12 +383,26 @@ krb5_locate_srv_dns(realm, service, protocol, addr_pp, naddrs) * */ - if ( strlen(service) + strlen(protocol) + realm->length + 5 + if ( strlen(service) + strlen(protocol) + realm->length + 6 > MAX_DNS_NAMELEN ) goto out; sprintf(host, "%s.%s.%.*s", service, protocol, realm->length, realm->data); + /* Realm names don't (normally) end with ".", but if the query + doesn't end with "." and doesn't get an answer as is, the + resolv code will try appending the local domain. Since the + realm names are absolutes, let's stop that. + + But only if a name has been specified. If we are performing + a search on the prefix alone then the intention is to allow + the local domain or domain search lists to be expanded. + */ + + h = host + strlen (host); + if ((h > host) && (h[-1] != '.') && ((h - host + 1) < sizeof(host))) + strcpy (h, "."); + size = res_search(host, C_IN, T_SRV, answer.bytes, sizeof(answer.bytes)); if (size < hdrsize) |