2 * Copyright (c) 1997-2007 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 #include "krb5_locl.h"
35 #ifdef HAVE_RES_SEARCH
38 #ifdef HAVE_ARPA_NAMESER_H
39 #include <arpa/nameser.h>
44 RCSID("$Id: principal.c 21741 2007-07-31 16:00:37Z lha $");
46 #define princ_num_comp(P) ((P)->name.name_string.len)
47 #define princ_type(P) ((P)->name.name_type)
48 #define princ_comp(P) ((P)->name.name_string.val)
49 #define princ_ncomp(P, N) ((P)->name.name_string.val[(N)])
50 #define princ_realm(P) ((P)->realm)
52 void KRB5_LIB_FUNCTION
53 krb5_free_principal(krb5_context context,
62 void KRB5_LIB_FUNCTION
63 krb5_principal_set_type(krb5_context context,
64 krb5_principal principal,
67 princ_type(principal) = type;
71 krb5_principal_get_type(krb5_context context,
72 krb5_const_principal principal)
74 return princ_type(principal);
77 const char* KRB5_LIB_FUNCTION
78 krb5_principal_get_realm(krb5_context context,
79 krb5_const_principal principal)
81 return princ_realm(principal);
84 const char* KRB5_LIB_FUNCTION
85 krb5_principal_get_comp_string(krb5_context context,
86 krb5_const_principal principal,
87 unsigned int component)
89 if(component >= princ_num_comp(principal))
91 return princ_ncomp(principal, component);
94 krb5_error_code KRB5_LIB_FUNCTION
95 krb5_parse_name_flags(krb5_context context,
98 krb5_principal *principal)
101 heim_general_string *comp;
102 heim_general_string realm = NULL;
114 int enterprise = (flags & KRB5_PRINCIPAL_PARSE_ENTERPRISE);
118 #define RFLAGS (KRB5_PRINCIPAL_PARSE_NO_REALM|KRB5_PRINCIPAL_PARSE_MUST_REALM)
120 if ((flags & RFLAGS) == RFLAGS) {
121 krb5_set_error_string(context, "Can't require both realm and "
122 "no realm at the same time");
123 return KRB5_ERR_NO_SERVICE;
127 /* count number of component,
128 * enterprise names only have one component
132 for(p = name; *p; p++){
135 krb5_set_error_string (context,
136 "trailing \\ in principal name");
137 return KRB5_PARSE_MALFORMED;
146 comp = calloc(ncomp, sizeof(*comp));
148 krb5_set_error_string (context, "malloc: out of memory");
153 p = start = q = s = strdup(name);
156 krb5_set_error_string (context, "malloc: out of memory");
172 krb5_set_error_string (context,
173 "trailing \\ in principal name");
174 ret = KRB5_PARSE_MALFORMED;
177 }else if(enterprise && first_at) {
180 }else if((c == '/' && !enterprise) || c == '@'){
182 krb5_set_error_string (context,
183 "part after realm in principal name");
184 ret = KRB5_PARSE_MALFORMED;
187 comp[n] = malloc(q - start + 1);
188 if (comp[n] == NULL) {
189 krb5_set_error_string (context, "malloc: out of memory");
193 memcpy(comp[n], start, q - start);
194 comp[n][q - start] = 0;
202 if(got_realm && (c == ':' || c == '/' || c == '\0')) {
203 krb5_set_error_string (context,
204 "part after realm in principal name");
205 ret = KRB5_PARSE_MALFORMED;
211 if (flags & KRB5_PRINCIPAL_PARSE_NO_REALM) {
212 krb5_set_error_string (context, "realm found in 'short' principal "
213 "expected to be without one");
214 ret = KRB5_PARSE_MALFORMED;
217 realm = malloc(q - start + 1);
219 krb5_set_error_string (context, "malloc: out of memory");
223 memcpy(realm, start, q - start);
224 realm[q - start] = 0;
226 if (flags & KRB5_PRINCIPAL_PARSE_MUST_REALM) {
227 krb5_set_error_string (context, "realm NOT found in principal "
228 "expected to be with one");
229 ret = KRB5_PARSE_MALFORMED;
231 } else if (flags & KRB5_PRINCIPAL_PARSE_NO_REALM) {
234 ret = krb5_get_default_realm (context, &realm);
239 comp[n] = malloc(q - start + 1);
240 if (comp[n] == NULL) {
241 krb5_set_error_string (context, "malloc: out of memory");
245 memcpy(comp[n], start, q - start);
246 comp[n][q - start] = 0;
249 *principal = malloc(sizeof(**principal));
250 if (*principal == NULL) {
251 krb5_set_error_string (context, "malloc: out of memory");
256 (*principal)->name.name_type = KRB5_NT_ENTERPRISE_PRINCIPAL;
258 (*principal)->name.name_type = KRB5_NT_PRINCIPAL;
259 (*principal)->name.name_string.val = comp;
260 princ_num_comp(*principal) = n;
261 (*principal)->realm = realm;
274 krb5_error_code KRB5_LIB_FUNCTION
275 krb5_parse_name(krb5_context context,
277 krb5_principal *principal)
279 return krb5_parse_name_flags(context, name, 0, principal);
282 static const char quotable_chars[] = " \n\t\b\\/@";
283 static const char replace_chars[] = " ntb\\/@";
284 static const char nq_chars[] = " \\/@";
286 #define add_char(BASE, INDEX, LEN, C) do { if((INDEX) < (LEN)) (BASE)[(INDEX)++] = (C); }while(0);
289 quote_string(const char *s, char *out, size_t idx, size_t len, int display)
292 for(p = s; *p && idx < len; p++){
293 q = strchr(quotable_chars, *p);
295 add_char(out, idx, len, replace_chars[q - quotable_chars]);
297 add_char(out, idx, len, '\\');
298 add_char(out, idx, len, replace_chars[q - quotable_chars]);
300 add_char(out, idx, len, *p);
308 static krb5_error_code
309 unparse_name_fixed(krb5_context context,
310 krb5_const_principal principal,
317 int short_form = (flags & KRB5_PRINCIPAL_UNPARSE_SHORT) != 0;
318 int no_realm = (flags & KRB5_PRINCIPAL_UNPARSE_NO_REALM) != 0;
319 int display = (flags & KRB5_PRINCIPAL_UNPARSE_DISPLAY) != 0;
321 if (!no_realm && princ_realm(principal) == NULL) {
322 krb5_set_error_string(context, "Realm missing from principal, "
327 for(i = 0; i < princ_num_comp(principal); i++){
329 add_char(name, idx, len, '/');
330 idx = quote_string(princ_ncomp(principal, i), name, idx, len, display);
332 krb5_set_error_string(context, "Out of space printing principal");
336 /* add realm if different from default realm */
337 if(short_form && !no_realm) {
340 ret = krb5_get_default_realm(context, &r);
343 if(strcmp(princ_realm(principal), r) != 0)
347 if(!short_form && !no_realm) {
348 add_char(name, idx, len, '@');
349 idx = quote_string(princ_realm(principal), name, idx, len, display);
351 krb5_set_error_string(context,
352 "Out of space printing realm of principal");
359 krb5_error_code KRB5_LIB_FUNCTION
360 krb5_unparse_name_fixed(krb5_context context,
361 krb5_const_principal principal,
365 return unparse_name_fixed(context, principal, name, len, 0);
368 krb5_error_code KRB5_LIB_FUNCTION
369 krb5_unparse_name_fixed_short(krb5_context context,
370 krb5_const_principal principal,
374 return unparse_name_fixed(context, principal, name, len,
375 KRB5_PRINCIPAL_UNPARSE_SHORT);
378 krb5_error_code KRB5_LIB_FUNCTION
379 krb5_unparse_name_fixed_flags(krb5_context context,
380 krb5_const_principal principal,
385 return unparse_name_fixed(context, principal, name, len, flags);
388 static krb5_error_code
389 unparse_name(krb5_context context,
390 krb5_const_principal principal,
394 size_t len = 0, plen;
398 if (princ_realm(principal)) {
399 plen = strlen(princ_realm(principal));
401 if(strcspn(princ_realm(principal), quotable_chars) == plen)
407 for(i = 0; i < princ_num_comp(principal); i++){
408 plen = strlen(princ_ncomp(principal, i));
409 if(strcspn(princ_ncomp(principal, i), quotable_chars) == plen)
418 krb5_set_error_string (context, "malloc: out of memory");
421 ret = unparse_name_fixed(context, principal, *name, len, flags);
429 krb5_error_code KRB5_LIB_FUNCTION
430 krb5_unparse_name(krb5_context context,
431 krb5_const_principal principal,
434 return unparse_name(context, principal, name, 0);
437 krb5_error_code KRB5_LIB_FUNCTION
438 krb5_unparse_name_flags(krb5_context context,
439 krb5_const_principal principal,
443 return unparse_name(context, principal, name, flags);
446 krb5_error_code KRB5_LIB_FUNCTION
447 krb5_unparse_name_short(krb5_context context,
448 krb5_const_principal principal,
451 return unparse_name(context, principal, name, KRB5_PRINCIPAL_UNPARSE_SHORT);
454 #if 0 /* not implemented */
456 krb5_error_code KRB5_LIB_FUNCTION
457 krb5_unparse_name_ext(krb5_context context,
458 krb5_const_principal principal,
462 krb5_abortx(context, "unimplemented krb5_unparse_name_ext called");
467 krb5_realm * KRB5_LIB_FUNCTION
468 krb5_princ_realm(krb5_context context,
469 krb5_principal principal)
471 return &princ_realm(principal);
475 void KRB5_LIB_FUNCTION
476 krb5_princ_set_realm(krb5_context context,
477 krb5_principal principal,
480 princ_realm(principal) = *realm;
484 krb5_error_code KRB5_LIB_FUNCTION
485 krb5_build_principal(krb5_context context,
486 krb5_principal *principal,
488 krb5_const_realm realm,
494 ret = krb5_build_principal_va(context, principal, rlen, realm, ap);
499 static krb5_error_code
500 append_component(krb5_context context, krb5_principal p,
504 heim_general_string *tmp;
505 size_t len = princ_num_comp(p);
507 tmp = realloc(princ_comp(p), (len + 1) * sizeof(*tmp));
509 krb5_set_error_string (context, "malloc: out of memory");
513 princ_ncomp(p, len) = malloc(comp_len + 1);
514 if (princ_ncomp(p, len) == NULL) {
515 krb5_set_error_string (context, "malloc: out of memory");
518 memcpy (princ_ncomp(p, len), comp, comp_len);
519 princ_ncomp(p, len)[comp_len] = '\0';
525 va_ext_princ(krb5_context context, krb5_principal p, va_list ap)
530 len = va_arg(ap, int);
533 s = va_arg(ap, const char*);
534 append_component(context, p, s, len);
539 va_princ(krb5_context context, krb5_principal p, va_list ap)
543 s = va_arg(ap, const char*);
546 append_component(context, p, s, strlen(s));
551 static krb5_error_code
552 build_principal(krb5_context context,
553 krb5_principal *principal,
555 krb5_const_realm realm,
556 void (*func)(krb5_context, krb5_principal, va_list),
561 p = calloc(1, sizeof(*p));
563 krb5_set_error_string (context, "malloc: out of memory");
566 princ_type(p) = KRB5_NT_PRINCIPAL;
568 princ_realm(p) = strdup(realm);
569 if(p->realm == NULL){
571 krb5_set_error_string (context, "malloc: out of memory");
575 (*func)(context, p, ap);
580 krb5_error_code KRB5_LIB_FUNCTION
581 krb5_make_principal(krb5_context context,
582 krb5_principal *principal,
583 krb5_const_realm realm,
590 ret = krb5_get_default_realm(context, &r);
596 ret = krb5_build_principal_va(context, principal, strlen(realm), realm, ap);
603 krb5_error_code KRB5_LIB_FUNCTION
604 krb5_build_principal_va(krb5_context context,
605 krb5_principal *principal,
607 krb5_const_realm realm,
610 return build_principal(context, principal, rlen, realm, va_princ, ap);
613 krb5_error_code KRB5_LIB_FUNCTION
614 krb5_build_principal_va_ext(krb5_context context,
615 krb5_principal *principal,
617 krb5_const_realm realm,
620 return build_principal(context, principal, rlen, realm, va_ext_princ, ap);
624 krb5_error_code KRB5_LIB_FUNCTION
625 krb5_build_principal_ext(krb5_context context,
626 krb5_principal *principal,
628 krb5_const_realm realm,
634 ret = krb5_build_principal_va_ext(context, principal, rlen, realm, ap);
640 krb5_error_code KRB5_LIB_FUNCTION
641 krb5_copy_principal(krb5_context context,
642 krb5_const_principal inprinc,
643 krb5_principal *outprinc)
645 krb5_principal p = malloc(sizeof(*p));
647 krb5_set_error_string (context, "malloc: out of memory");
650 if(copy_Principal(inprinc, p)) {
652 krb5_set_error_string (context, "malloc: out of memory");
660 * return TRUE iff princ1 == princ2 (without considering the realm)
663 krb5_boolean KRB5_LIB_FUNCTION
664 krb5_principal_compare_any_realm(krb5_context context,
665 krb5_const_principal princ1,
666 krb5_const_principal princ2)
669 if(princ_num_comp(princ1) != princ_num_comp(princ2))
671 for(i = 0; i < princ_num_comp(princ1); i++){
672 if(strcmp(princ_ncomp(princ1, i), princ_ncomp(princ2, i)) != 0)
679 * return TRUE iff princ1 == princ2
682 krb5_boolean KRB5_LIB_FUNCTION
683 krb5_principal_compare(krb5_context context,
684 krb5_const_principal princ1,
685 krb5_const_principal princ2)
687 if(!krb5_realm_compare(context, princ1, princ2))
689 return krb5_principal_compare_any_realm(context, princ1, princ2);
693 * return TRUE iff realm(princ1) == realm(princ2)
696 krb5_boolean KRB5_LIB_FUNCTION
697 krb5_realm_compare(krb5_context context,
698 krb5_const_principal princ1,
699 krb5_const_principal princ2)
701 return strcmp(princ_realm(princ1), princ_realm(princ2)) == 0;
705 * return TRUE iff princ matches pattern
708 krb5_boolean KRB5_LIB_FUNCTION
709 krb5_principal_match(krb5_context context,
710 krb5_const_principal princ,
711 krb5_const_principal pattern)
714 if(princ_num_comp(princ) != princ_num_comp(pattern))
716 if(fnmatch(princ_realm(pattern), princ_realm(princ), 0) != 0)
718 for(i = 0; i < princ_num_comp(princ); i++){
719 if(fnmatch(princ_ncomp(pattern, i), princ_ncomp(princ, i), 0) != 0)
726 static struct v4_name_convert {
729 } default_v4_name_convert[] = {
731 { "hprop", "hprop" },
740 * return the converted instance name of `name' in `realm'.
741 * look in the configuration file and then in the default set above.
742 * return NULL if no conversion is appropriate.
746 get_name_conversion(krb5_context context, const char *realm, const char *name)
748 struct v4_name_convert *q;
751 p = krb5_config_get_string(context, NULL, "realms", realm,
752 "v4_name_convert", "host", name, NULL);
754 p = krb5_config_get_string(context, NULL, "libdefaults",
755 "v4_name_convert", "host", name, NULL);
759 /* XXX should be possible to override default list */
760 p = krb5_config_get_string(context, NULL,
769 p = krb5_config_get_string(context, NULL,
777 for(q = default_v4_name_convert; q->from; q++)
778 if(strcmp(q->from, name) == 0)
784 * convert the v4 principal `name.instance@realm' to a v5 principal in `princ'.
785 * if `resolve', use DNS.
786 * if `func', use that function for validating the conversion
789 krb5_error_code KRB5_LIB_FUNCTION
790 krb5_425_conv_principal_ext2(krb5_context context,
792 const char *instance,
794 krb5_boolean (*func)(krb5_context,
795 void *, krb5_principal),
797 krb5_boolean resolve,
798 krb5_principal *princ)
803 char host[MAXHOSTNAMELEN];
804 char local_hostname[MAXHOSTNAMELEN];
806 /* do the following: if the name is found in the
807 `v4_name_convert:host' part, is assumed to be a `host' type
808 principal, and the instance is looked up in the
809 `v4_instance_convert' part. if not found there the name is
810 (optionally) looked up as a hostname, and if that doesn't yield
811 anything, the `default_domain' is appended to the instance
816 if(instance[0] == 0){
820 p = get_name_conversion(context, realm, name);
824 p = krb5_config_get_string(context, NULL, "realms", realm,
825 "v4_instance_convert", instance, NULL);
828 ret = krb5_make_principal(context, &pr, realm, name, instance, NULL);
829 if(func == NULL || (*func)(context, funcctx, pr)){
833 krb5_free_principal(context, pr);
835 krb5_clear_error_string (context);
836 return HEIM_ERR_V4_PRINC_NO_CONV;
839 krb5_boolean passed = FALSE;
844 r = dns_lookup(instance, "aaaa");
846 if (r->head && r->head->type == T_AAAA) {
847 inst = strdup(r->head->domain);
852 r = dns_lookup(instance, "a");
854 if(r->head && r->head->type == T_A) {
855 inst = strdup(r->head->domain);
862 struct addrinfo hints, *ai;
864 memset (&hints, 0, sizeof(hints));
865 hints.ai_flags = AI_CANONNAME;
866 ret = getaddrinfo(instance, NULL, &hints, &ai);
868 const struct addrinfo *a;
869 for (a = ai; a != NULL; a = a->ai_next) {
870 if (a->ai_canonname != NULL) {
871 inst = strdup (a->ai_canonname);
881 krb5_set_error_string (context, "malloc: out of memory");
885 ret = krb5_make_principal(context, &pr, realm, name, inst,
889 if(func == NULL || (*func)(context, funcctx, pr)){
893 krb5_free_principal(context, pr);
898 snprintf(host, sizeof(host), "%s.%s", instance, realm);
900 ret = krb5_make_principal(context, &pr, realm, name, host, NULL);
901 if((*func)(context, funcctx, pr)){
905 krb5_free_principal(context, pr);
909 * if the instance is the first component of the local hostname,
910 * the converted host should be the long hostname.
914 gethostname (local_hostname, sizeof(local_hostname)) == 0 &&
915 strncmp(instance, local_hostname, strlen(instance)) == 0 &&
916 local_hostname[strlen(instance)] == '.') {
917 strlcpy(host, local_hostname, sizeof(host));
923 domains = krb5_config_get_strings(context, NULL, "realms", realm,
925 for(d = domains; d && *d; d++){
926 snprintf(host, sizeof(host), "%s.%s", instance, *d);
927 ret = krb5_make_principal(context, &pr, realm, name, host, NULL);
928 if(func == NULL || (*func)(context, funcctx, pr)){
930 krb5_config_free_strings(domains);
933 krb5_free_principal(context, pr);
935 krb5_config_free_strings(domains);
939 p = krb5_config_get_string(context, NULL, "realms", realm,
940 "default_domain", NULL);
942 /* this should be an error, just faking a name is not good */
943 krb5_clear_error_string (context);
944 return HEIM_ERR_V4_PRINC_NO_CONV;
949 snprintf(host, sizeof(host), "%s.%s", instance, p);
951 ret = krb5_make_principal(context, &pr, realm, name, host, NULL);
952 if(func == NULL || (*func)(context, funcctx, pr)){
956 krb5_free_principal(context, pr);
957 krb5_clear_error_string (context);
958 return HEIM_ERR_V4_PRINC_NO_CONV;
960 p = krb5_config_get_string(context, NULL,
968 p = krb5_config_get_string(context, NULL,
977 ret = krb5_make_principal(context, &pr, realm, name, instance, NULL);
978 if(func == NULL || (*func)(context, funcctx, pr)){
982 krb5_free_principal(context, pr);
983 krb5_clear_error_string (context);
984 return HEIM_ERR_V4_PRINC_NO_CONV;
988 convert_func(krb5_context conxtext, void *funcctx, krb5_principal principal)
990 krb5_boolean (*func)(krb5_context, krb5_principal) = funcctx;
991 return (*func)(conxtext, principal);
994 krb5_error_code KRB5_LIB_FUNCTION
995 krb5_425_conv_principal_ext(krb5_context context,
997 const char *instance,
999 krb5_boolean (*func)(krb5_context, krb5_principal),
1000 krb5_boolean resolve,
1001 krb5_principal *principal)
1003 return krb5_425_conv_principal_ext2(context,
1007 func ? convert_func : NULL,
1015 krb5_error_code KRB5_LIB_FUNCTION
1016 krb5_425_conv_principal(krb5_context context,
1018 const char *instance,
1020 krb5_principal *princ)
1022 krb5_boolean resolve = krb5_config_get_bool(context,
1025 "v4_instance_resolve",
1028 return krb5_425_conv_principal_ext(context, name, instance, realm,
1029 NULL, resolve, princ);
1034 check_list(const krb5_config_binding *l, const char *name, const char **out)
1037 if (l->type != krb5_config_string)
1039 if(strcmp(name, l->u.string) == 0) {
1049 name_convert(krb5_context context, const char *name, const char *realm,
1052 const krb5_config_binding *l;
1053 l = krb5_config_get_list (context,
1060 if(l && check_list(l, name, out))
1061 return KRB5_NT_SRV_HST;
1062 l = krb5_config_get_list (context,
1068 if(l && check_list(l, name, out))
1069 return KRB5_NT_SRV_HST;
1070 l = krb5_config_get_list (context,
1077 if(l && check_list(l, name, out))
1078 return KRB5_NT_UNKNOWN;
1079 l = krb5_config_get_list (context,
1085 if(l && check_list(l, name, out))
1086 return KRB5_NT_UNKNOWN;
1088 /* didn't find it in config file, try built-in list */
1090 struct v4_name_convert *q;
1091 for(q = default_v4_name_convert; q->from; q++) {
1092 if(strcmp(name, q->to) == 0) {
1094 return KRB5_NT_SRV_HST;
1102 * convert the v5 principal in `principal' into a v4 corresponding one
1103 * in `name, instance, realm'
1104 * this is limited interface since there's no length given for these
1105 * three parameters. They have to be 40 bytes each (ANAME_SZ).
1108 krb5_error_code KRB5_LIB_FUNCTION
1109 krb5_524_conv_principal(krb5_context context,
1110 const krb5_principal principal,
1115 const char *n, *i, *r;
1117 int type = princ_type(principal);
1118 const int aname_sz = 40;
1120 r = principal->realm;
1122 switch(principal->name.name_string.len){
1124 n = principal->name.name_string.val[0];
1128 n = principal->name.name_string.val[0];
1129 i = principal->name.name_string.val[1];
1132 krb5_set_error_string (context,
1133 "cannot convert a %d component principal",
1134 principal->name.name_string.len);
1135 return KRB5_PARSE_MALFORMED;
1140 int t = name_convert(context, n, r, &tmp);
1147 if(type == KRB5_NT_SRV_HST){
1150 strlcpy (tmpinst, i, sizeof(tmpinst));
1151 p = strchr(tmpinst, '.');
1157 if (strlcpy (name, n, aname_sz) >= aname_sz) {
1158 krb5_set_error_string (context,
1159 "too long name component to convert");
1160 return KRB5_PARSE_MALFORMED;
1162 if (strlcpy (instance, i, aname_sz) >= aname_sz) {
1163 krb5_set_error_string (context,
1164 "too long instance component to convert");
1165 return KRB5_PARSE_MALFORMED;
1167 if (strlcpy (realm, r, aname_sz) >= aname_sz) {
1168 krb5_set_error_string (context,
1169 "too long realm component to convert");
1170 return KRB5_PARSE_MALFORMED;
1176 * Create a principal in `ret_princ' for the service `sname' running
1177 * on host `hostname'. */
1179 krb5_error_code KRB5_LIB_FUNCTION
1180 krb5_sname_to_principal (krb5_context context,
1181 const char *hostname,
1184 krb5_principal *ret_princ)
1186 krb5_error_code ret;
1187 char localhost[MAXHOSTNAMELEN];
1188 char **realms, *host = NULL;
1190 if(type != KRB5_NT_SRV_HST && type != KRB5_NT_UNKNOWN) {
1191 krb5_set_error_string (context, "unsupported name type %d",
1193 return KRB5_SNAME_UNSUPP_NAMETYPE;
1195 if(hostname == NULL) {
1196 gethostname(localhost, sizeof(localhost));
1197 hostname = localhost;
1201 if(type == KRB5_NT_SRV_HST) {
1202 ret = krb5_expand_hostname_realms (context, hostname,
1209 ret = krb5_get_host_realm(context, hostname, &realms);
1214 ret = krb5_make_principal(context, ret_princ, realms[0], sname,
1218 krb5_free_host_realm(context, realms);
1222 static const struct {
1226 { "UNKNOWN", KRB5_NT_UNKNOWN },
1227 { "PRINCIPAL", KRB5_NT_PRINCIPAL },
1228 { "SRV_INST", KRB5_NT_SRV_INST },
1229 { "SRV_HST", KRB5_NT_SRV_HST },
1230 { "SRV_XHST", KRB5_NT_SRV_XHST },
1231 { "UID", KRB5_NT_UID },
1232 { "X500_PRINCIPAL", KRB5_NT_X500_PRINCIPAL },
1233 { "SMTP_NAME", KRB5_NT_SMTP_NAME },
1234 { "ENTERPRISE_PRINCIPAL", KRB5_NT_ENTERPRISE_PRINCIPAL },
1235 { "ENT_PRINCIPAL_AND_ID", KRB5_NT_ENT_PRINCIPAL_AND_ID },
1236 { "MS_PRINCIPAL", KRB5_NT_MS_PRINCIPAL },
1237 { "MS_PRINCIPAL_AND_ID", KRB5_NT_MS_PRINCIPAL_AND_ID },
1242 krb5_parse_nametype(krb5_context context, const char *str, int32_t *nametype)
1246 for(i = 0; nametypes[i].type; i++) {
1247 if (strcasecmp(nametypes[i].type, str) == 0) {
1248 *nametype = nametypes[i].value;
1252 krb5_set_error_string(context, "Failed to find name type %s", str);
1253 return KRB5_PARSE_MALFORMED;
projects / FreeBSD / releng / 9.2.git / blob