FreeBSD Manual Pages
KRB_REALMOFHOST(3) Library Functions Manual KRB_REALMOFHOST(3) NAME krb_realmofhost, krb_get_phost, krb_get_krbhst, krb_get_admhst, krb_get_lrealm - additional Kerberos utility routines SYNOPSIS #include <krb.h> #include <des.h> #include <netinet/in.h> char *krb_realmofhost(host) char *host; char *krb_get_phost(alias) char *alias; krb_get_krbhst(host,realm,n) char *host; char *realm; int n; krb_get_admhst(host,realm,n) char *host; char *realm; int n; krb_get_lrealm(realm,n) char *realm; int n; DESCRIPTION krb_realmofhost returns the Kerberos realm of the host host, as deter- mined by the translation table /etc/krb.realms. host should be the fully-qualified domain-style primary host name of the host in question. In order to prevent certain security attacks, this routine must either have a priori knowledge of a host's realm, or obtain such information securely. The format of the translation file is described by krb.realms(5). If host exactly matches a host_name line, the corresponding realm is re- turned. Otherwise, if the domain portion of host matches a domain_name line, the corresponding realm is returned. If host contains a domain, but no translation is found, host's domain is converted to upper-case and returned. If host contains no discernable domain, or an error oc- curs, the local realm name, as supplied by krb_get_lrealm(3), is re- turned. krb_get_phost converts the hostname alias (which can be either an offi- cial name or an alias) into the instance name to be used in obtaining Kerberos tickets for most services, including the Berkeley rcmd suite (rlogin, rcp, rsh). The current convention is to return the first segment of the official domain-style name after conversion to lower case. krb_get_krbhst fills in host with the hostname of the nth host running a Kerberos key distribution center (KDC) for realm realm, as specified in the configuration file (/etc/krb.conf). The configuration file is described by krb.conf(5). If the host is successfully filled in, the routine returns KSUCCESS. If the file cannot be opened, and n equals 1, then the value of KRB_HOST as defined in _krb.h_ is filled in, and KSUCCESS is returned. If there are fewer than n hosts running a Ker- beros KDC for the requested realm, or the configuration file is mal- formed, the routine returns KFAILURE. krb_get_admhst fills in host with the hostname of the nth host running a Kerberos KDC database administration server for realm realm, as spec- ified in the configuration file (/etc/krb.conf). If the file cannot be opened or is malformed, or there are fewer than n hosts running a Ker- beros KDC database administration server, the routine returns KFAILURE. The character arrays used as return values for krb_get_krbhst, krb_get_admhst, should be large enough to hold any hostname (MAXHOST- NAMELEN from <sys/param.h>). krb_get_lrealm fills in realm with the nth realm of the local host, as specified in the configuration file. realm should be at least REALM_SZ (from _krb.h_)characterslong. SEE ALSO kerberos(3), krb.conf(5), krb.realms(5) FILES /etc/krb.realms translation file for host-to-realm mapping. /etc/krb.conf local realm-name and realm/server configuration file. BUGS The current convention for instance names is too limited; the full do- main name should be used. krb_get_lrealm currently only supports n = 1. It should really consult the user's ticket cache to determine the user's current realm, rather than consulting a file on the host. MIT Project Athena Kerberos Version 4.0 KRB_REALMOFHOST(3)
NAME | SYNOPSIS | DESCRIPTION | SEE ALSO | FILES | BUGS
Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=krb_realmofhost&sektion=3&manpath=FreeBSD+5.4-RELEASE+and+Ports>