host-based princname canon (Re: Null realms and servers)
Ken Raeburn
raeburn at MIT.EDU
Wed Dec 20 15:26:49 EST 2006
On Dec 20, 2006, at 13:04, Nicolas Williams wrote:
> An algorithm for hostname canonicalization in krb5_get_credentials()
> with search lists but w/o DNS:
>
> for (domain in searchlist) {
> if (get_svc_ticket(fqdn = short_form_hostname || '.' || domain))
> return (fqdn);
> }
>
> return (short_form_hostname || '.' || searchlist[0]);
So if the name exists in multiple domains in the search list, the
result here depends on whether the service in question is available
on any of those hosts. Or do you want to try something common like
"host" for hostname resolution, and then go back and try to get the
service ticket?
Ken
More information about the krbdev
mailing list