[krbdev.mit.edu #7603] git commit
Greg Hudson via RT
rt-comment at krbdev.mit.edu
Thu Apr 11 22:16:28 EDT 2013
Allow numeric addresses as service hostnames
Since krb5 1.3, krb5_get_host_realm (and therefore
krb5_sname_to_principal) has refused hostnames which appear to be
numeric addresses--with the exception of 1.6, which was ignoring
errors from clean_hostname. In specialized environments, it may be
desirable to use IP addresses in service principal names, and there's
no compelling reason for us to get in the way of that.
Move the numeric address check out of k5_clean_hostname into a new
helper function, and simply skip the domain-based mechanisms if it
returns true. Factor out the [domain_realm] search into a second new
helper function to make it easier to skip.
https://github.com/krb5/krb5/commit/0f93db1b5bd0c2aac98945b8a8f1564ede632de0
Author: Greg Hudson <ghudson at mit.edu>
Commit: 0f93db1b5bd0c2aac98945b8a8f1564ede632de0
Branch: master
src/lib/krb5/os/hst_realm.c | 113 +++++++++++++++++++++++++------------------
1 files changed, 66 insertions(+), 47 deletions(-)
More information about the krb5-bugs
mailing list