Man page or keyword search:   man All Sections 1 - General Commands 2 - System Calls 3 - Subroutines, Functions 4 - Special Files 5 - File Formats 6 - Games and Screensavers 7 - Macros and Conventions 8 - Maintenence Commands 9 - Kernel Interface New Commands Server 4.4BSD AIX Alpinelinux Archlinux Aros BSDOS BSDi Bifrost CentOS Cygwin Darwin Debian DigitalUNIX DragonFly ElementaryOS Fedora FreeBSD Gentoo GhostBSD HP-UX Haiku Hurd IRIX Inferno JazzOS Kali Knoppix LinuxMint MacOSX Mageia Mandriva Manjaro Minix MirBSD NeXTSTEP NetBSD OPENSTEP OSF1 OpenBSD OpenDarwin OpenIndiana OpenMandriva OpenServer OpenSuSE OpenVMS Oracle PC-BSD Peanut Pidora Plan9 QNX Raspbian RedHat Scientific Slackware SmartOS Solaris SuSE SunOS Syllable Tru64 UNIXv7 Ubuntu Ultrix UnixWare Xenix YellowDog aLinux   44335 pages apropos Keyword Search (all sections) Output format html ascii pdf view pdf save postscript

shishi_realm_for_server_dns(3)	    shishi	shishi_realm_for_server_dns(3)

NAME
       shishi_realm_for_server_dns - API function

SYNOPSIS
       #include <shishi.h>

       char * shishi_realm_for_server_dns(Shishi * handle, char * server);

ARGUMENTS
       Shishi * handle
		   Shishi library handle create by shishi_init().

       char * server
		   hostname to find realm for.

DESCRIPTION
       Find   realm   for   a	host   using   DNS   lookups,	according   to
       draft-ietf-krb-wg-krb-dns-locate-03.txt.	  Since	 DNS  lookups  may  be
       spoofed,	 relying  on the realm information may result in a redirection
       attack.	In a single-realm scenario, this only  achieves	 a  denial  of
       service,	 but  with  cross-realm trust it may redirect you to a compro‐
       mised realm.  For this reason, Shishi prints a warning, suggesting that
       the  user  should  add  the  proper 'server-realm' configuration tokens
       instead.

       To illustrate the DNS information used, here is an extract from a  zone
       file for the domain ASDF.COM:

       _kerberos.asdf.com.		 IN	   TXT	     "ASDF.COM"	 _ker‐
       beros.mrkserver.asdf.com.   IN	   TXT	   "MARKETING.ASDF.COM"	 _ker‐
       beros.salesserver.asdf.com. IN	   TXT	   "SALES.ASDF.COM"

       Let  us	suppose that in this case, a client wishes to use a service on
       the host foo.asdf.com.  It would first query:

       _kerberos.foo.asdf.com. IN TXT

       Finding no match, it would then query:

       _kerberos.asdf.com. IN TXT

RETURN VALUE
       Returns realm for host, or NULL if not found.

REPORTING BUGS
       Report bugs to <bug-shishi@gnu.org>.

COPYRIGHT
       Copyright © 2002-2010 Simon Josefsson.
       Copying and distribution of this file, with  or	without	 modification,
       are  permitted  in  any	medium	without royalty provided the copyright
       notice and this notice are preserved.

SEE ALSO
       The full documentation for shishi is maintained as  a  Texinfo  manual.
       If  the	info  and shishi programs are properly installed at your site,
       the command

	      info shishi

       should give you access to the complete manual.

shishi				     1.0.2	shishi_realm_for_server_dns(3)

Vote for polarhome