(krb5_425_conv_principal_ext): lookup AAAA rrs before A ones when
using the resolver to verify a mapping, also use getaddrinfo when resolver is not available git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@11235 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
@@ -725,46 +725,60 @@ krb5_425_conv_principal_ext(krb5_context context,
|
||||
return HEIM_ERR_V4_PRINC_NO_CONV;
|
||||
}
|
||||
if(resolve){
|
||||
const char *inst = NULL;
|
||||
krb5_boolean passed = FALSE;
|
||||
char *inst = NULL;
|
||||
#ifdef USE_RESOLVER
|
||||
struct dns_reply *r;
|
||||
r = dns_lookup(instance, "a");
|
||||
if(r && r->head && r->head->type == T_A)
|
||||
inst = r->head->domain;
|
||||
#else
|
||||
struct hostent *hp = roken_gethostbyname(instance);
|
||||
if(hp)
|
||||
inst = hp->h_name;
|
||||
#endif
|
||||
if(inst) {
|
||||
char *low_inst = strdup(inst);
|
||||
|
||||
if (low_inst == NULL) {
|
||||
#ifdef USE_RESOLVER
|
||||
r = dns_lookup(instance, "aaaa");
|
||||
if (r && r->head && r->head->type == T_AAAA) {
|
||||
inst = strdup(r->head->domain);
|
||||
dns_free_data(r);
|
||||
passed = TRUE;
|
||||
} else {
|
||||
r = dns_lookup(instance, "a");
|
||||
if(r && r->head && r->head->type == T_A) {
|
||||
inst = strdup(r->head->domain);
|
||||
dns_free_data(r);
|
||||
passed = TRUE;
|
||||
}
|
||||
}
|
||||
#else
|
||||
struct addrinfo hints, *ai;
|
||||
int ret;
|
||||
|
||||
memset (&hints, 0, sizeof(hints));
|
||||
hints.ai_flags = AI_CANONNAME;
|
||||
ret = getaddrinfo(instance, NULL, &hints, &ai);
|
||||
if (ret == 0) {
|
||||
const struct addrinfo *a;
|
||||
for (a = ai; a != NULL; a = a->ai_next) {
|
||||
if (a->ai_canonname != NULL) {
|
||||
inst = strdup (a->ai_canonname);
|
||||
passed = TRUE;
|
||||
break;
|
||||
}
|
||||
}
|
||||
freeaddrinfo (ai);
|
||||
}
|
||||
#endif
|
||||
if (passed) {
|
||||
if (inst == NULL) {
|
||||
krb5_set_error_string (context, "malloc: out of memory");
|
||||
return ENOMEM;
|
||||
}
|
||||
strlwr(low_inst);
|
||||
ret = krb5_make_principal(context, &pr, realm, name, low_inst,
|
||||
strlwr(inst);
|
||||
ret = krb5_make_principal(context, &pr, realm, name, inst,
|
||||
NULL);
|
||||
free (low_inst);
|
||||
free (inst);
|
||||
if(ret == 0) {
|
||||
if(func == NULL || (*func)(context, pr)){
|
||||
*princ = pr;
|
||||
#ifdef USE_RESOLVER
|
||||
dns_free_data(r);
|
||||
#endif
|
||||
return 0;
|
||||
}
|
||||
krb5_free_principal(context, pr);
|
||||
}
|
||||
}
|
||||
#ifdef USE_RESOLVER
|
||||
if(r)
|
||||
dns_free_data(r);
|
||||
#endif
|
||||
}
|
||||
if(func != NULL) {
|
||||
snprintf(host, sizeof(host), "%s.%s", instance, realm);
|
||||
|
Reference in New Issue
Block a user