[1050] in Kerberos_V5_Development
Re: full explanation of proposed krb5_sname_to_princ change
daemon@ATHENA.MIT.EDU (Sam Hartman)
Wed Apr 10 22:56:40 1996
To: "Theodore Ts'o" <tytso@MIT.EDU>
Cc: Sam Hartman <hartmans@MIT.EDU>, krbdev@MIT.EDU
From: Sam Hartman <hartmans@MIT.EDU>
Date: 10 Apr 1996 22:55:55 -0400
In-Reply-To: Theodore Ts'o's message of Mon, 8 Apr 1996 20:05:26 -0400
Theodore Ts'o <tytso@MIT.EDU> writes:
>
> Instead of changing krb5_sname_to_princ, or creating a new
> version of krb5_sname_to_princ, what about simply having a new function,
> krb5_os_cannonicalize_hostname(), which takes as input a hostname, and calls
> gethostbyaddr(gethostbyname()) on the input hostname and returns the
> resulting hostname?
>
> Then we simply have to change those programs which might have to
> call krb5_os_cannonicalize_hostname() first, and then using the
> resulting hostname for krb5_sname_to_princ() as well as using that
> hostname to call gethostbyname(), followed by connect().

The RFC does not require a unique name exist for each host. I
can call all the dialups athena.dialup.mit.edu and give them
different IP addresses, or more likely to happen in the real world,
call one of the dialups athena.dialup.mit.edu, the secondary
dialup athena-2.dialup.mit.edu, etc. My original solution would
work in this case, correctly using athena-2.dialup.mit.edu only if
you end up connecting to that machine. Your solution breaks if you
connect to athena.dialup.mit.edu but then krb5_sname_to_princ
re-canonicalizes athena.dialup.mit.edu and gets
athena-2.dialup.mit.edu.
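
An added illustration of the mismatch discussed in this message (not code from the thread or from MIT Kerberos): a toy resolver with constructed records stands in for gethostbyname() and gethostbyaddr(). The round-robin answer order, the 192.0.2.x addresses and every function name below are assumptions made for the example.

```c
#include <stdio.h>
#include <string.h>

/* Constructed toy DNS, not real records: the pooled name has two A
 * records and each address has its own PTR name. */
struct rec { const char *addr; const char *ptr; };
static const struct rec pool[] = {
    { "192.0.2.1", "athena.dialup.mit.edu"   },
    { "192.0.2.2", "athena-2.dialup.mit.edu" },
};
#define NPOOL (sizeof pool / sizeof pool[0])
static unsigned rr;  /* assumed round-robin: the answer rotates per query */

/* Stand-in for gethostbyname(): first address of the answer. */
static const char *toy_forward(const char *name) {
    if (strcmp(name, pool[0].ptr) == 0)
        return pool[rr++ % NPOOL].addr;      /* pooled name rotates */
    for (size_t i = 1; i < NPOOL; i++)
        if (strcmp(name, pool[i].ptr) == 0) return pool[i].addr;
    return NULL;
}
/* Stand-in for gethostbyaddr(): PTR name of an address. */
static const char *toy_reverse(const char *addr) {
    for (size_t i = 0; addr && i < NPOOL; i++)
        if (strcmp(addr, pool[i].addr) == 0) return pool[i].ptr;
    return NULL;
}
struct outcome { const char *peer; const char *princ_host; };

/* One lookup picks the connect() target, a second names the principal. */
static struct outcome separate_lookups(const char *host) {
    struct outcome o;
    o.peer = toy_forward(host);
    o.princ_host = toy_reverse(toy_forward(host));
    return o;
}
/* The principal host is derived from the address actually connected to. */
static struct outcome single_lookup(const char *host) {
    struct outcome o;
    o.peer = toy_forward(host);
    o.princ_host = toy_reverse(o.peer);
    return o;
}
/* 1 when the principal names the machine at the connected address. */
static int consistent(struct outcome o) {
    return o.peer && o.princ_host && strcmp(toy_reverse(o.peer), o.princ_host) == 0;
}
int main(void) {
    struct outcome a = separate_lookups("athena.dialup.mit.edu");
    struct outcome b = single_lookup("athena.dialup.mit.edu");
    printf("separate: %s host/%s ok=%d\n", a.peer, a.princ_host, consistent(a));
    printf("single:   %s host/%s ok=%d\n", b.peer, b.princ_host, consistent(b));
    return 0;
}
```

With separate lookups the client requests a ticket for a host other than the one it connected to, so authentication fails even though both names are legitimate.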