static void
test_get_realm_domain(krb5_context ctx, char *realm)
{
krb5_error_code retval;
char *domain;
retval = krb5_get_realm_domain(ctx, realm, &domain);
if (retval) {
com_err("krb5_get_realm_domain", retval, 0);
return;
}
printf("krb5_get_realm_domain(%s) returned '%s'\n", realm, domain);
free(domain);
}
krb5_error_code KRB5_CALLCONV
krb5_425_conv_principal(krb5_context context, const char *name,
const char *instance, const char *realm,
krb5_principal *princ)
{
const struct krb_convert *p;
char buf[256]; /* V4 instances are limited to 40 characters */
krb5_error_code retval;
char *domain, *cp;
char **full_name = 0;
const char *names[5], *names2[2];
void* iterator = NULL;
char** v4realms = NULL;
char* realm_name = NULL;
char* dummy_value = NULL;
/* First, convert the realm, since the v4 realm is not necessarily the same as the v5 realm
To do that, iterate over all the realms in the config file, looking for a matching
v4_realm line */
names2 [0] = "realms";
names2 [1] = NULL;
retval = profile_iterator_create (context -> profile, names2, PROFILE_ITER_LIST_SECTION | PROFILE_ITER_SECTIONS_ONLY, &iterator);
while (retval == 0) {
retval = profile_iterator (&iterator, &realm_name, &dummy_value);
if ((retval == 0) && (realm_name != NULL)) {
names [0] = "realms";
names [1] = realm_name;
names [2] = "v4_realm";
names [3] = NULL;
retval = profile_get_values (context -> profile, names, &v4realms);
if ((retval == 0) && (v4realms != NULL) && (v4realms [0] != NULL) && (strcmp (v4realms [0], realm) == 0)) {
realm = realm_name;
break;
} else if (retval == PROF_NO_RELATION) {
/* If it's not found, just keep going */
retval = 0;
}
} else if ((retval == 0) && (realm_name == NULL)) {
break;
}
if (v4realms != NULL) {
profile_free_list(v4realms);
v4realms = NULL;
}
if (realm_name != NULL) {
profile_release_string (realm_name);
realm_name = NULL;
}
if (dummy_value != NULL) {
profile_release_string (dummy_value);
dummy_value = NULL;
}
}
if (instance) {
if (instance[0] == '\0') {
instance = 0;
goto not_service;
}
p = sconv_list;
while (1) {
if (!p->v4_str)
goto not_service;
if (!strcmp(p->v4_str, name))
break;
p++;
}
name = p->v5_str;
if ((p->flags & DO_REALM_CONVERSION) && !strchr(instance, '.')) {
names[0] = "realms";
names[1] = realm;
names[2] = "v4_instance_convert";
names[3] = instance;
names[4] = 0;
retval = profile_get_values(context->profile, names, &full_name);
if (retval == 0 && full_name && full_name[0]) {
instance = full_name[0];
} else {
strncpy(buf, instance, sizeof(buf));
buf[sizeof(buf) - 1] = '\0';
retval = krb5_get_realm_domain(context, realm, &domain);
if (retval)
return retval;
if (domain) {
for (cp = domain; *cp; cp++)
if (isupper((unsigned char) (*cp)))
*cp = tolower((unsigned char) *cp);
strncat(buf, ".", sizeof(buf) - 1 - strlen(buf));
strncat(buf, domain, sizeof(buf) - 1 - strlen(buf));
krb5_xfree(domain);
}
instance = buf;
}
}
}
not_service:
retval = krb5_build_principal(context, princ, strlen(realm), realm, name,
instance, NULL);
if (iterator) profile_iterator_free (&iterator);
if (full_name) profile_free_list(full_name);
if (v4realms) profile_free_list(v4realms);
if (realm_name) profile_release_string (realm_name);
if (dummy_value) profile_release_string (dummy_value);
return retval;
}
