#include <stdio.h>
#include <stdlib.h>
#include <string.h>
+#include <ctype.h>
-#include <krb.h>
+#include <krb5.h>
RCSID("$Header$");
-static char default_realm[REALM_SZ];
-
int mrcl_validate_string_member(char *str)
{
- char *p, *lname;
+ char *p, *lname, *ret;
+
+ for (ret = str; *ret; ret++)
+ {
+ if (iscntrl(*ret))
+ {
+ mrcl_set_message("STRING \"%s\" contains control characters, "
+ "which are not allowed.", str);
+ return MRCL_REJECT;
+ }
+ }
p = strchr(str, '@');
if (p)
{
mrcl_set_message("STRING \"%s\" is not a foreign mail address.\nAdding "
"it to a mailing list may cause the list to break.",
- lname);
- return MRCL_REJECT;
+ str);
+ return MRCL_WARN;
}
mrcl_clear_message();
int mrcl_validate_kerberos_member(char *str, char **ret)
{
char *p;
+ int code = 0;
+ krb5_context context = NULL;
+ char *default_realm = NULL;
mrcl_clear_message();
+ for (p = str; *p; p++)
+ {
+ if (isspace(*p) || *p == ',')
+ {
+ mrcl_set_message("KERBEROS member \"%s\" may not contain whitespace "
+ "or commas.", str);
+ return MRCL_REJECT;
+ }
+ }
+
p = strchr(str, '@');
if (!p)
{
return MRCL_SUCCESS;
}
- if (!*default_realm)
- krb_get_lrealm(default_realm, 1);
+ code = krb5_init_context(&context);
+ if (code)
+ goto out;
+
+ code = krb5_get_default_realm(context, &default_realm);
+ if (code)
+ goto out;
*ret = malloc(strlen(str) + strlen(default_realm) + 2);
sprintf(*ret, "%s@%s", str, default_realm);
mrcl_set_message("Warning: default realm \"%s\" added to principal "
"\"%s\"", default_realm, str);
+
+ out:
+ if (default_realm)
+ free(default_realm);
+ if (context)
+ krb5_free_context(context);
+ if (!code)
+ return code;
return MRCL_SUCCESS;
}