krb5_wrap: Try to guess the correct realm from the service hostname

If we do not get a realm mapping from the krb5.conf or from the Kerberos
library try to guess it from the service hostname. The guessing of the
realm from the service hostname is already implemented in Heimdal. This
makes the behavior of smb_krb5_get_realm_from_hostname() consistent
with both MIT and Heimdal.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12554

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>

diff --git a/lib/krb5_wrap/krb5_samba.c b/lib/krb5_wrap/krb5_samba.c
index 780a7a4adf5d553e482ef3bb8e045ce908fd09bb..92af8c609790f8ca837051e29daa261c11ebc7b4 100644 (file)
--- a/lib/krb5_wrap/krb5_samba.c
+++ b/lib/krb5_wrap/krb5_samba.c
@@ -2719,6 +2719,19 @@ static char *smb_krb5_get_realm_from_hostname(TALLOC_CTX *mem_ctx,
            realm_list[0] != NULL &&
            realm_list[0][0] != '\0') {
                realm = talloc_strdup(mem_ctx, realm_list[0]);
+       } else {
+               const char *p = NULL;
+
+               /*
+                * "dc6.samba2003.example.com"
+                * returns a realm of "SAMBA2003.EXAMPLE.COM"
+                *
+                * "dc6." returns realm as NULL
+                */
+               p = strchr_m(hostname, '.');
+               if (p != NULL && p[1] != '\0') {
+                       realm = talloc_strdup_upper(mem_ctx, p + 1);
+               }
        }
 
   out: