Provided by: shishi-doc_1.0.0-2_all bug


       shishi_realm_for_server_dns - API function


       #include <shishi.h>

       char * shishi_realm_for_server_dns(Shishi * handle, char * server);


       Shishi * handle
                   Shishi library handle create by shishi_init().

       char * server
                   hostname to find realm for.


       Find      realm     for     a     host     using     DNS     lookups,     according     to
       draft-ietf-krb-wg-krb-dns-locate-03.txt.  Since DNS lookups may be spoofed, relying on the
       realm  information  may  result in a redirection attack.  In a single-realm scenario, this
       only achieves a denial of service, but with cross-realm trust it may  redirect  you  to  a
       compromised  realm.   For  this  reason, Shishi prints a warning, suggesting that the user
       should add the proper 'server-realm' configuration tokens instead.

       To illustrate the DNS information used, here is an extract from a zone file for the domain
       ASDF.COM:              IN       TXT     "ASDF.COM"
       IN        TXT       "MARKETING.ASDF.COM"   IN        TXT

       Let  us  suppose  that  in  this  case,  a  client  wishes  to  use  a service on the host  It would first query: IN TXT

       Finding no match, it would then query: IN TXT


       Returns realm for host, or NULL if not found.


       Report bugs to <>.


       Copyright © 2002-2010 Simon Josefsson.
       Copying and distribution of this file, with or without modification, are permitted in  any
       medium without royalty provided the copyright notice and this notice are preserved.


       The  full  documentation  for  shishi  is maintained as a Texinfo manual.  If the info and
       shishi programs are properly installed at your site, the command

              info shishi

       should give you access to the complete manual.