![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to krb_realmofhost.3 CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [CSRG BSD Unix] / 43BSDReno / kerberosIV / man|
Return to krb_realmofhost.3 CVS log | Up to [CSRG BSD Unix] / 43BSDReno / kerberosIV / man |
1.1 root 1: .\" $Source: /usr/src/kerberosIV/man/RCS/krb_realmofhost.3,v $
2: .\" $Author: kfall $
3: .\" $Header: /usr/src/kerberosIV/man/RCS/krb_realmofhost.3,v 4.2 90/06/25 21:12:23 kfall Exp $
4: .\" Copyright 1989 by the Massachusetts Institute of Technology.
5: .\"
6: .\" For copying and distribution information,
7: .\" please see the file <mit-copyright.h>.
8: .\"
9: .TH KRB_REALMOFHOST 3 "Kerberos Version 4.0" "MIT Project Athena"
10: .SH NAME
11: krb_realmofhost, krb_get_phost, krb_get_krbhst, krb_get_admhst,
12: krb_get_lrealm \- additional Kerberos utility routines
13: .SH SYNOPSIS
14: .nf
15: .nj
16: .ft B
17: #include <kerberosIV/krb.h>
18: #include <kerberosIV/des.h>
19: #include <netinet/in.h>
20: .PP
21: .ft B
22: char *krb_realmofhost(host)
23: char *host;
24: .PP
25: .ft B
26: char *krb_get_phost(alias)
27: char *alias;
28: .PP
29: .ft B
30: krb_get_krbhst(host,realm,n)
31: char *host;
32: char *realm;
33: int n;
34: .PP
35: .ft B
36: krb_get_admhst(host,realm,n)
37: char *host;
38: char *realm;
39: int n;
40: .PP
41: .ft B
42: krb_get_lrealm(realm,n)
43: char *realm;
44: int n;
45: .fi
46: .ft R
47: .SH DESCRIPTION
48: .I krb_realmofhost
49: returns the Kerberos realm of the host
50: .IR host ,
51: as determined by the translation table
52: .IR /etc/kerberosIV/krb.realms .
53: .I host
54: should be the fully-qualified domain-style primary host name of the host
55: in question. In order to prevent certain security attacks, this routine
56: must either have
57: .I a priori
58: knowledge of a host's realm, or obtain such information securely.
59: .PP
60: The format of the translation file is described by
61: .IR krb.realms (5).
62: If
63: .I host
64: exactly matches a host_name line, the corresponding realm
65: is returned.
66: Otherwise, if the domain portion of
67: .I host
68: matches a domain_name line, the corresponding realm
69: is returned.
70: If
71: .I host
72: contains a domain, but no translation is found,
73: .IR host 's
74: domain is converted to upper-case and returned.
75: If
76: .I host
77: contains no discernable domain, or an error occurs,
78: the local realm name, as supplied by
79: .IR krb_get_lrealm (3),
80: is returned.
81: .PP
82: .I krb_get_phost
83: converts the hostname
84: .I alias
85: (which can be either an official name or an alias) into the instance
86: name to be used in obtaining Kerberos tickets for most services,
87: including the Berkeley rcmd suite (rlogin, rcp, rsh).
88: .br
89: The current convention is to return the first segment of the official
90: domain-style name after conversion to lower case.
91: .PP
92: .I krb_get_krbhst
93: fills in
94: .I host
95: with the hostname of the
96: .IR n th
97: host running a Kerberos key distribution center (KDC)
98: for realm
99: .IR realm ,
100: as specified in the configuration file (\fI/etc/kerberosIV/krb.conf\fR).
101: The configuration file is described by
102: .IR krb.conf (5).
103: If the host is successfully filled in, the routine
104: returns KSUCCESS.
105: If the file cannot be opened, and
106: .I n
107: equals 1, then the value of KRB_HOST as defined in
108: .I <krb.h>
109: is filled in, and KSUCCESS is returned. If there are fewer than
110: .I n
111: hosts running a Kerberos KDC for the requested realm, or the
112: configuration file is malformed, the routine
113: returns KFAILURE.
114: .PP
115: .I krb_get_admhst
116: fills in
117: .I host
118: with the hostname of the
119: .IR n th
120: host running a Kerberos KDC database administration server
121: for realm
122: .IR realm ,
123: as specified in the configuration file (\fI/etc/kerberosIV/krb.conf\fR).
124: If the file cannot be opened or is malformed, or there are fewer than
125: .I n
126: hosts running a Kerberos KDC database administration server,
127: the routine returns KFAILURE.
128: .PP
129: The character arrays used as return values for
130: .IR krb_get_krbhst ,
131: .IR krb_get_admhst ,
132: should be large enough to
133: hold any hostname (MAXHOSTNAMELEN from <sys/param.h>).
134: .PP
135: .I krb_get_lrealm
136: fills in
137: .I realm
138: with the
139: .IR n th
140: realm of the local host, as specified in the configuration file.
141: .I realm
142: should be at least REALM_SZ (from
143: .IR <krb.h>) characters long.
144: .PP
145: .SH SEE ALSO
146: kerberos(3), krb.conf(5), krb.realms(5)
147: .SH FILES
148: .TP 20n
149: /etc/kerberosIV/krb.realms
150: translation file for host-to-realm mapping.
151: .TP
152: /etc/kerberosIV/krb.conf
153: local realm-name and realm/server configuration file.
154: .SH BUGS
155: The current convention for instance names is too limited; the full
156: domain name should be used.
157: .PP
158: .I krb_get_lrealm
159: currently only supports
160: .I n
161: = 1. It should really consult the user's ticket cache to determine the
162: user's current realm, rather than consulting a file on the host.
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.