static int
expand_hostname(krb5_context context, const char *host)
{
krb5_error_code ret;
char *h, **r;
ret = krb5_expand_hostname(context, host, &h);
if (ret)
krb5_err(context, 1, ret, "krb5_expand_hostname(%s)", host);
free(h);
if (debug_flag)
printf("hostname: %s -> %s\n", host, h);
ret = krb5_expand_hostname_realms(context, host, &h, &r);
if (ret)
krb5_err(context, 1, ret, "krb5_expand_hostname_realms(%s)", host);
if (debug_flag) {
int j;
printf("hostname: %s -> %s\n", host, h);
for (j = 0; r[j]; j++) {
printf("\trealm: %s\n", r[j]);
}
}
free(h);
krb5_free_host_realm(context, r);
return 0;
}
krb5_error_code KRB5_LIB_FUNCTION
krb5_mk_req(krb5_context context,
krb5_auth_context *auth_context,
const krb5_flags ap_req_options,
const char *service,
const char *hostname,
krb5_data *in_data,
krb5_ccache ccache,
krb5_data *outbuf)
{
krb5_error_code ret;
char **realms;
char *real_hostname;
krb5_principal server;
ret = krb5_expand_hostname_realms (context, hostname,
&real_hostname, &realms);
if (ret)
return ret;
ret = krb5_build_principal (context, &server,
strlen(*realms),
*realms,
service,
real_hostname,
NULL);
free (real_hostname);
krb5_free_host_realm (context, realms);
if (ret)
return ret;
ret = krb5_mk_req_exact (context, auth_context, ap_req_options,
server, in_data, ccache, outbuf);
krb5_free_principal (context, server);
return ret;
}
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_sname_to_principal (krb5_context context,
const char *hostname,
const char *sname,
int32_t type,
krb5_principal *ret_princ)
{
krb5_error_code ret;
char localhost[MAXHOSTNAMELEN];
char **realms, *host = NULL;
if(type != KRB5_NT_SRV_HST && type != KRB5_NT_UNKNOWN) {
krb5_set_error_message(context, KRB5_SNAME_UNSUPP_NAMETYPE,
N_("unsupported name type %d", ""),
(int)type);
return KRB5_SNAME_UNSUPP_NAMETYPE;
}
if(hostname == NULL) {
ret = gethostname(localhost, sizeof(localhost) - 1);
if (ret != 0) {
ret = errno;
krb5_set_error_message(context, ret,
N_("Failed to get local hostname", ""));
return ret;
}
localhost[sizeof(localhost) - 1] = '\0';
hostname = localhost;
}
if(sname == NULL)
sname = "host";
if(type == KRB5_NT_SRV_HST) {
ret = krb5_expand_hostname_realms (context, hostname,
&host, &realms);
if (ret)
return ret;
strlwr(host);
hostname = host;
} else {
ret = krb5_get_host_realm(context, hostname, &realms);
if(ret)
return ret;
}
ret = krb5_make_principal(context, ret_princ, realms[0], sname,
hostname, NULL);
if(host)
free(host);
krb5_free_host_realm(context, realms);
return ret;
}
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_sname_to_principal (krb5_context context,
const char *hostname,
const char *sname,
int32_t type,
krb5_principal *ret_princ)
{
krb5_error_code ret;
char localhost[MAXHOSTNAMELEN];
char **realms;
size_t len;
if(type != KRB5_NT_SRV_HST && type != KRB5_NT_UNKNOWN) {
krb5_set_error_message(context, KRB5_SNAME_UNSUPP_NAMETYPE,
N_("unsupported name type %d", ""),
(int)type);
return KRB5_SNAME_UNSUPP_NAMETYPE;
}
if(hostname == NULL) {
ret = gethostname(localhost, sizeof(localhost) - 1);
if (ret != 0) {
ret = errno;
krb5_set_error_message(context, ret,
N_("Failed to get local hostname", ""));
return ret;
}
localhost[sizeof(localhost) - 1] = '\0';
} else {
strlcpy(localhost, hostname, sizeof(localhost));
}
if(sname == NULL)
sname = "host";
if(type == KRB5_NT_SRV_HST) {
char *host;
ret = krb5_expand_hostname_realms (context, localhost,
&host, &realms);
if (ret)
return ret;
strlwr(host);
strlcpy(localhost, host, sizeof(localhost));
free(host);
} else {
ret = krb5_get_host_realm(context, hostname, &realms);
if(ret)
return ret;
}
/*
* Squash any trailing . on the hostname since that is jolly good
* to have when looking up a DNS name (qualified), but its no good
* to have in the kerberos principal since those are supposed to
* be in qualified format already.
*/
len = strlen(localhost);
if (len > 0 && localhost[len - 1] == '.')
localhost[len - 1] = '\0';
ret = krb5_make_principal(context, ret_princ, realms[0], sname,
localhost, NULL);
krb5_free_host_realm(context, realms);
return ret;
}
