[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: A more robust krb5_get_host_realm?

On Fri, Mar 23, 2007 at 01:56:56AM -0400, Michael B Allen wrote:

> I want krb5_get_host_realm to try harder to find the domain name. In
> particular, some systems (Ubuntu Linux for example) easily end up with
> a hostname that is not an FQDN. In this case, krb5_get_host_realm gives

Since the hostname has no relation to networking, it is perfectly normal
if you can not resolve it in any way using DNS.

> Can someone recommend a superior method? Personally I'm partial to just
> getting down to business and doing a PTR lookup. Portable too.

I see two possible methods:

- Enumerate all IP addresses on all network interfaces and look up the
  associated FQDNs. On multi-homed machines different addresses may
  resolve to completely different domains, so you must be able to return
  a list.

  If you want a portable solution, use something like libdnet:

- Just make it mandatory to specify the domain/realm in krb5.conf in
  case the hostname is not resolvable. I think this is the case now,
  maybe we just need better error messages to inform the user about the


     MTA SZTAKI Computer and Automation Research Institute
                Hungarian Academy of Sciences