I'm sorry if I'm wrong, but doesn't getaddrinfo get ai_canonname by doing a reverse lookup? When I tried it out, at least that is what happened.
It depends on the platform. The GNU getaddrinfo implementation does. I'm assuming AI_CANONNAME in ai_flags.
Yeah, the GNU one is just broken that way.
NetBSD 2.0, AIX 5.2 don't, they stop at what you'd get from gethostbyname() -- they look up CNAME aliases but don't look up the IP PTR.
Yes, I think they're closer (at least) to getting it right.
Maybe not quite there... the NetBSD one didn't look thread-safe at a glance, though I may have missed something, and thread safety is part of the spec of the function. I don't have AIX 5.2 to test with, but 4.3.3 had some issues we had to work around, too.
Also might be worth mentioning that the MIT implementation also uses this in several places, though in the critical sname_to_principal() function it uses getnameinfo for the lookup.
Secure DNS would be nice for all this.
Yup, we've got problems to address in this area. Can't do it for 1.4, though.
Ken
________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
