Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
KRB_REALMOFHOST(3)                             KRB_REALMOFHOST(3)

NAME
       krb_realmofhost,       krb_get_phost,      krb_get_krbhst,
       krb_get_admhst, krb_get_lrealm - additional Kerberos util-
       ity routines

SYNOPSIS
       #include <krb.h>
       #include <des.h>
       #include <netinet/in.h>

       char *krb_realmofhost(host)
       char *host;

       char *krb_get_phost(alias)
       char *alias;

       krb_get_krbhst(host,realm,n)
       char *host;
       char *realm;
       int n;

       krb_get_admhst(host,realm,n)
       char *host;
       char *realm;
       int n;

       krb_get_lrealm(realm,n)
       char *realm;
       int n;

DESCRIPTION
       krb_realmofhost  returns  the  Kerberos  realm of the host
       host, as determined by the translation table /etc/kerbero-
       sIV/krb.realms.    host   should  be  the  fully-qualified
       domain-style primary host name of the  host  in  question.
       In order to prevent certain security attacks, this routine
       must either have a priori knowledge of a host's realm,  or
       obtain such information securely.

       The  format  of  the  translation  file  is  described  by
       krb.realms(5).  If host exactly matches a host_name  line,
       the  corresponding  realm  is returned.  Otherwise, if the
       domain portion of host matches  a  domain_name  line,  the
       corresponding  realm  is  returned.   If  host  contains a
       domain, but no translation is found, host's domain is con-
       verted  to  upper-case  and returned.  If host contains no
       discernable domain, or an error occurs,  the  local  realm
       name, as supplied by krb_get_lrealm(3), is returned.

       krb_get_phost  converts  the  hostname alias (which can be
       either an official name or an  alias)  into  the  instance
       name  to  be  used  in obtaining Kerberos tickets for most
       services, including the Berkeley rcmd suite (rlogin,  rcp,
       rsh).

MIT Project Athena     Kerberos Version 4.0                     1

KRB_REALMOFHOST(3)                             KRB_REALMOFHOST(3)

       The  current  convention is to return the first segment of
       the official domain-style name after conversion  to  lower
       case.

       krb_get_krbhst  fills in host with the hostname of the nth
       host running a Kerberos key distribution center (KDC)  for
       realm  realm,  as  specified  in  the  configuration  file
       (/etc/kerberosIV/krb.conf).   The  configuration  file  is
       described  by  krb.conf(5).   If  the host is successfully
       filled in, the routine returns KSUCCESS.  If the file can-
       not  be opened, and n equals 1, then the value of KRB_HOST
       as defined in  _krb.h_  is  filled  in,  and  KSUCCESS  is
       returned.   If there are fewer than n hosts running a Ker-
       beros KDC for the requested realm,  or  the  configuration
       file is malformed, the routine returns KFAILURE.

       krb_get_admhst  fills in host with the hostname of the nth
       host running a Kerberos KDC database administration server
       for  realm  realm,  as specified in the configuration file
       (/etc/kerberosIV/krb.conf).  If the file cannot be  opened
       or is malformed, or there are fewer than n hosts running a
       Kerberos KDC database administration server,  the  routine
       returns KFAILURE.

       The   character   arrays   used   as   return  values  for
       krb_get_krbhst, krb_get_admhst, should be large enough  to
       hold any hostname (MAXHOSTNAMELEN from <sys/param.h>).

       krb_get_lrealm  fills  in  realm with the nth realm of the
       local host, as specified in the configuration file.  realm
       should  be at least REALM_SZ (from _krb.h_)characterslong.

SEE ALSO
FILES
       /etc/kerberosIV/krb.realms
                           translation  file  for   host-to-realm
                           mapping.

       /etc/kerberosIV/krb.conf
                           local realm-name and realm/server con-
                           figuration file.

BUGS
       The current convention for instance names is too  limited;
       the full domain name should be used.

       krb_get_lrealm  currently  only supports n = 1.  It should
       really consult the user's ticket cache  to  determine  the
       user's current realm, rather than consulting a file on the
       host.

MIT Project Athena     Kerberos Version 4.0                     2


NAME | SYNOPSIS | DESCRIPTION | SEE ALSO | FILES | BUGS

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=krb_realmofhost&sektion=3&manpath=OpenBSD+3.1>

home | help