NAME

LIBRARY

SYNOPSIS

krb5_error_code
krb5_copy_host_realm(krb5_context context, const krb5_realm *from, krb5_realm **to);

krb5_error_code
krb5_free_host_realm(krb5_context context, krb5_realm *realmlist);

krb5_error_code
krb5_get_default_realm(krb5_context context, krb5_realm *realm);

krb5_error_code
krb5_get_default_realms(krb5_context context, krb5_realm **realm);

krb5_error_code
krb5_get_host_realm(krb5_context context, const char *host, krb5_realm **realms);

krb5_error_code
krb5_set_default_realm(krb5_context context, const char *realm);

DESCRIPTION

krb5_free_host_realm() frees all memory allocated by realmlist.

krb5_get_default_realm() returns the first default realm for this host. The realm returned should be freed with free().

krb5_get_default_realms() returns a NULL terminated list of default realms for this context. Realms returned by krb5_get_default_realms() should be freed with krb5_free_host_realm().

krb5_get_host_realm() returns a NULL terminated list of realms for host by looking up the information in the [domain_realm] in krb5.conf or in DNS. If the mapping in [domain_realm] results in the string dns_locate, DNS is used to lookup the realm.

When using DNS to a resolve the domain for the host a.b.c, krb5_get_host_realm() looks for a TXT resource record named _kerberos.a.b.c, and if not found, it strips off the first component and tries a again (_kerberos.b.c) until it reaches the root.

If there is no configuration or DNS information found, krb5_get_host_realm() assumes it can use the domain part of the host to form a realm. Caller must free realmlist with krb5_free_host_realm().

krb5_set_default_realm() sets the default realm for the context. If NULL is used as a realm, the [libdefaults]default_realm stanza in krb5.conf is used. If there is no such stanza in the configuration file, the krb5_get_host_realm() function is used to form a default realm.

SEE ALSO