Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

shishi_realm_for_server_dns(3) [debian man page]

shishi_realm_for_server_dns(3)					      shishi					    shishi_realm_for_server_dns(3)

NAME

       shishi_realm_for_server_dns - API function

SYNOPSIS

       #include <shishi.h>

       char * shishi_realm_for_server_dns(Shishi * handle, char * server);

ARGUMENTS

       Shishi * handle
		   Shishi library handle create by shishi_init().

       char * server
		   hostname to find realm for.

DESCRIPTION

       Find  realm  for a host using DNS lookups, according to draft-ietf-krb-wg-krb-dns-locate-03.txt.  Since DNS lookups may be spoofed, relying
       on the realm information may result in a redirection attack.  In a single-realm scenario, this only achieves a denial of service, but  with
       cross-realm  trust  it  may redirect you to a compromised realm.  For this reason, Shishi prints a warning, suggesting that the user should
       add the proper 'server-realm' configuration tokens instead.

       To illustrate the DNS information used, here is an extract from a zone file for the domain ASDF.COM:

       _kerberos.asdf.com.	       IN      TXT	"ASDF.COM"  _kerberos.mrkserver.asdf.com.    IN       TXT      "MARKETING.ASDF.COM"  _ker-
       beros.salesserver.asdf.com. IN	   TXT	   "SALES.ASDF.COM"

       Let us suppose that in this case, a client wishes to use a service on the host foo.asdf.com.  It would first query:

       _kerberos.foo.asdf.com. IN TXT

       Finding no match, it would then query:

       _kerberos.asdf.com. IN TXT

RETURN VALUE

       Returns realm for host, or NULL if not found.

REPORTING BUGS

       Report bugs to <bug-shishi@gnu.org>.

COPYRIGHT

       Copyright (C) 2002-2010 Simon Josefsson.
       Copying	and  distribution  of  this file, with or without modification, are permitted in any medium without royalty provided the copyright
       notice and this notice are preserved.

SEE ALSO

       The full documentation for shishi is maintained as a Texinfo manual.  If the info and shishi programs are properly installed at your  site,
       the command

	      info shishi

       should give you access to the complete manual.

shishi								       1.0.1					    shishi_realm_for_server_dns(3)

Check Out this Related Man Page

shishi_init_with_paths(3)					      shishi						 shishi_init_with_paths(3)

NAME

       shishi_init_with_paths - API function

SYNOPSIS

       #include <shishi.h>

       int shishi_init_with_paths(Shishi ** handle, const char * tktsfile, const char * systemcfgfile, const char * usercfgfile);

ARGUMENTS

       Shishi ** handle
		   pointer to handle to be created.

       const char * tktsfile
		   Filename of ticket file, or NULL.

       const char * systemcfgfile
		   Filename of system configuration, or NULL.

       const char * usercfgfile
		   Filename of user configuration, or NULL.

DESCRIPTION

       Create  a Shishi library handle, using shishi(), and read the system configuration file, user configuration file, and user tickets from the
       specified locations.  If any of usercfgfile or systemcfgfile is NULL, the file is read from its default location, which for the system con-
       figuration  file  is  decided at compile time, and is $sysconfdir/shishi.conf, and for the user configuration file is $HOME/.shishi/config.
       If the ticket file is NULL, a ticket file is not read at all.

       The handle is allocated regardless of return values, except for SHISHI_HANDLE_ERROR which indicates a problem allocating the handle.   (The
       other error conditions comes from reading the files.)

RETURN VALUE

       Returns SHISHI_OK iff successful.

REPORTING BUGS

       Report bugs to <bug-shishi@gnu.org>.

COPYRIGHT

       Copyright (C) 2002-2010 Simon Josefsson.
       Copying	and  distribution  of  this file, with or without modification, are permitted in any medium without royalty provided the copyright
       notice and this notice are preserved.

SEE ALSO

       The full documentation for shishi is maintained as a Texinfo manual.  If the info and shishi programs are properly installed at your  site,
       the command

	      info shishi

       should give you access to the complete manual.

shishi								       1.0.1						 shishi_init_with_paths(3)
Man Page