diff options
Diffstat (limited to 'source4/heimdal/lib/krb5/principal.c')
-rw-r--r-- | source4/heimdal/lib/krb5/principal.c | 123 |
1 files changed, 48 insertions, 75 deletions
diff --git a/source4/heimdal/lib/krb5/principal.c b/source4/heimdal/lib/krb5/principal.c index f27355f2d8..50b7bb8813 100644 --- a/source4/heimdal/lib/krb5/principal.c +++ b/source4/heimdal/lib/krb5/principal.c @@ -32,7 +32,7 @@ */ /** - * @page page_principal The principal handing functions. + * @page krb5_principal_intro The principal handing functions. * * A Kerberos principal is a email address looking string that * contains to parts separeted by a @. The later part is the kerbero @@ -57,8 +57,6 @@ host/admin@H5L.ORG #include <fnmatch.h> #include "resolve.h" -RCSID("$Id$"); - #define princ_num_comp(P) ((P)->name.name_string.len) #define princ_type(P) ((P)->name.name_type) #define princ_comp(P) ((P)->name.name_string.val) @@ -78,8 +76,6 @@ RCSID("$Id$"); * @ingroup krb5_principal */ - - void KRB5_LIB_FUNCTION krb5_free_principal(krb5_context context, krb5_principal p) @@ -90,6 +86,18 @@ krb5_free_principal(krb5_context context, } } +/** + * Set the type of the principal + * + * @param context A Kerberos context. + * @param principal principal to set the type for + * @param type the new type + * + * @return An krb5 error code, see krb5_get_error_message(). + * + * @ingroup krb5_principal + */ + void KRB5_LIB_FUNCTION krb5_principal_set_type(krb5_context context, krb5_principal principal, @@ -127,8 +135,10 @@ krb5_principal_get_comp_string(krb5_context context, * * @param context Kerberos 5 context * @param principal principal to query + * * @return number of components in string - * @ingroup krb5 + * + * @ingroup krb5_principal */ unsigned int KRB5_LIB_FUNCTION @@ -162,7 +172,7 @@ krb5_parse_name_flags(krb5_context context, *principal = NULL; -#define RFLAGS (KRB5_PRINCIPAL_PARSE_NO_REALM|KRB5_PRINCIPAL_PARSE_MUST_REALM) +#define RFLAGS (KRB5_PRINCIPAL_PARSE_NO_REALM|KRB5_PRINCIPAL_PARSE_REQUIRE_REALM) if ((flags & RFLAGS) == RFLAGS) { krb5_set_error_message(context, KRB5_ERR_NO_SERVICE, @@ -276,7 +286,7 @@ krb5_parse_name_flags(krb5_context context, memcpy(realm, start, q - start); realm[q - start] = 0; }else{ - if (flags & KRB5_PRINCIPAL_PARSE_MUST_REALM) { + if (flags & KRB5_PRINCIPAL_PARSE_REQUIRE_REALM) { ret = KRB5_PARSE_MALFORMED; krb5_set_error_message(context, ret, N_("realm NOT found in principal " @@ -524,22 +534,6 @@ krb5_unparse_name_ext(krb5_context context, #endif -krb5_realm * KRB5_LIB_FUNCTION -krb5_princ_realm(krb5_context context, - krb5_principal principal) -{ - return &princ_realm(principal); -} - - -void KRB5_LIB_FUNCTION -krb5_princ_set_realm(krb5_context context, - krb5_principal principal, - krb5_realm *realm) -{ - princ_realm(principal) = *realm; -} - krb5_error_code KRB5_LIB_FUNCTION krb5_principal_set_realm(krb5_context context, krb5_principal principal, @@ -821,6 +815,7 @@ krb5_principal_match(krb5_context context, return TRUE; } +#if defined(KRB4) || !defined(HEIMDAL_SMALLER) static struct v4_name_convert { const char *from; @@ -835,6 +830,10 @@ static struct v4_name_convert { { NULL, NULL } }; +#endif + +#ifdef KRB4 + /* * return the converted instance name of `name' in `realm'. * look in the configuration file and then in the default set above. @@ -925,6 +924,8 @@ krb5_425_conv_principal_ext2(krb5_context context, if(p){ instance = p; ret = krb5_make_principal(context, &pr, realm, name, instance, NULL); + if (ret) + return ret; if(func == NULL || (*func)(context, funcctx, pr)){ *princ = pr; return 0; @@ -938,23 +939,23 @@ krb5_425_conv_principal_ext2(krb5_context context, krb5_boolean passed = FALSE; char *inst = NULL; #ifdef USE_RESOLVER - struct dns_reply *r; + struct rk_dns_reply *r; - r = dns_lookup(instance, "aaaa"); + r = rk_dns_lookup(instance, "aaaa"); if (r) { - if (r->head && r->head->type == T_AAAA) { + if (r->head && r->head->type == rk_ns_t_aaaa) { inst = strdup(r->head->domain); passed = TRUE; } - dns_free_data(r); + rk_dns_free_data(r); } else { - r = dns_lookup(instance, "a"); + r = rk_dns_lookup(instance, "a"); if (r) { - if(r->head && r->head->type == T_A) { + if(r->head && r->head->type == rk_ns_t_a) { inst = strdup(r->head->domain); passed = TRUE; } - dns_free_data(r); + rk_dns_free_data(r); } } #else @@ -998,6 +999,8 @@ krb5_425_conv_principal_ext2(krb5_context context, snprintf(host, sizeof(host), "%s.%s", instance, realm); strlwr(host); ret = krb5_make_principal(context, &pr, realm, name, host, NULL); + if (ret) + return ret; if((*func)(context, funcctx, pr)){ *princ = pr; return 0; @@ -1025,6 +1028,10 @@ krb5_425_conv_principal_ext2(krb5_context context, for(d = domains; d && *d; d++){ snprintf(host, sizeof(host), "%s.%s", instance, *d); ret = krb5_make_principal(context, &pr, realm, name, host, NULL); + if (ret) { + krb5_config_free_strings(domains); + return ret; + } if(func == NULL || (*func)(context, funcctx, pr)){ *princ = pr; krb5_config_free_strings(domains); @@ -1049,6 +1056,8 @@ krb5_425_conv_principal_ext2(krb5_context context, snprintf(host, sizeof(host), "%s.%s", instance, p); local_host: ret = krb5_make_principal(context, &pr, realm, name, host, NULL); + if (ret) + return ret; if(func == NULL || (*func)(context, funcctx, pr)){ *princ = pr; return 0; @@ -1075,6 +1084,8 @@ no_host: name = p; ret = krb5_make_principal(context, &pr, realm, name, instance, NULL); + if (ret) + return ret; if(func == NULL || (*func)(context, funcctx, pr)){ *princ = pr; return 0; @@ -1084,51 +1095,9 @@ no_host: return HEIM_ERR_V4_PRINC_NO_CONV; } -static krb5_boolean -convert_func(krb5_context conxtext, void *funcctx, krb5_principal principal) -{ - krb5_boolean (*func)(krb5_context, krb5_principal) = funcctx; - return (*func)(conxtext, principal); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_425_conv_principal_ext(krb5_context context, - const char *name, - const char *instance, - const char *realm, - krb5_boolean (*func)(krb5_context, krb5_principal), - krb5_boolean resolve, - krb5_principal *principal) -{ - return krb5_425_conv_principal_ext2(context, - name, - instance, - realm, - func ? convert_func : NULL, - func, - resolve, - principal); -} - - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_425_conv_principal(krb5_context context, - const char *name, - const char *instance, - const char *realm, - krb5_principal *princ) -{ - krb5_boolean resolve = krb5_config_get_bool(context, - NULL, - "libdefaults", - "v4_instance_resolve", - NULL); - - return krb5_425_conv_principal_ext(context, name, instance, realm, - NULL, resolve, princ); -} +#endif /* KRB4 */ +#ifndef HEIMDAL_SMALLER static int check_list(const krb5_config_binding *l, const char *name, const char **out) @@ -1186,6 +1155,7 @@ name_convert(krb5_context context, const char *name, const char *realm, return KRB5_NT_UNKNOWN; /* didn't find it in config file, try built-in list */ +#ifdef KRB4 { struct v4_name_convert *q; for(q = default_v4_name_convert; q->from; q++) { @@ -1195,6 +1165,7 @@ name_convert(krb5_context context, const char *name, const char *realm, } } } +#endif return -1; } @@ -1273,6 +1244,8 @@ krb5_524_conv_principal(krb5_context context, return 0; } +#endif /* !HEIMDAL_SMALLER */ + /** * Create a principal for the service running on hostname. If * KRB5_NT_SRV_HST is used, the hostname is canonization using DNS (or |