[29866] in CVS-changelog-for-Kerberos-V5
krb5 commit [krb5-1.14]: Fix udp_preference_limit with SRV records
daemon@ATHENA.MIT.EDU (Greg Hudson)
Tue Feb 28 14:04:02 2017
Date: Tue, 28 Feb 2017 14:03:59 -0500
From: Greg Hudson <ghudson@mit.edu>
Message-Id: <201702281903.v1SJ3xKS028092@drugstore.mit.edu>
To: cvs-krb5@mit.edu
Reply-To: krbdev@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu
https://github.com/krb5/krb5/commit/8baafc7a7150e585d9691159b8bc33e823f36f8d
commit 8baafc7a7150e585d9691159b8bc33e823f36f8d
Author: Greg Hudson <ghudson@mit.edu>
Date: Mon Feb 27 22:35:07 2017 -0500
Fix udp_preference_limit with SRV records
In sendto_kdc:resolve_server() when resolving a server entry with a
specified transport, defer the resulting addresses if the strategy
dictates that the specified transport is not preferred. Reported by
Jochen Hein.
(cherry picked from commit bc7594058011c2f9711f24af4fa15a421a8d5b62)
ticket: 8554
version_fixed: 1.14.5
src/lib/krb5/os/sendto_kdc.c | 12 ++++++++----
1 files changed, 8 insertions(+), 4 deletions(-)
diff --git a/src/lib/krb5/os/sendto_kdc.c b/src/lib/krb5/os/sendto_kdc.c
index 6231de2..d11aa11 100644
--- a/src/lib/krb5/os/sendto_kdc.c
+++ b/src/lib/krb5/os/sendto_kdc.c
@@ -732,7 +732,7 @@ resolve_server(krb5_context context, const krb5_data *realm,
struct server_entry *entry = &servers->servers[ind];
k5_transport transport;
struct addrinfo *addrs, *a, hint, ai;
- krb5_boolean defer;
+ krb5_boolean defer = FALSE;
int err, result;
char portbuf[PORT_LENGTH];
@@ -752,9 +752,13 @@ resolve_server(krb5_context context, const krb5_data *realm,
NULL, NULL, entry->uri_path, udpbufp);
}
- /* If the entry has a specified transport, use it. */
- if (entry->transport != TCP_OR_UDP)
+ /* If the entry has a specified transport, use it, but possibly defer the
+ * addresses we add based on the strategy. */
+ if (entry->transport != TCP_OR_UDP) {
transport = entry->transport;
+ defer = (entry->transport == TCP && strategy == UDP_FIRST) ||
+ (entry->transport == UDP && strategy == UDP_LAST);
+ }
memset(&hint, 0, sizeof(hint));
hint.ai_family = entry->family;
@@ -774,7 +778,7 @@ resolve_server(krb5_context context, const krb5_data *realm,
/* Add each address with the specified or preferred transport. */
retval = 0;
for (a = addrs; a != 0 && retval == 0; a = a->ai_next) {
- retval = add_connection(conns, transport, FALSE, a, ind, realm,
+ retval = add_connection(conns, transport, defer, a, ind, realm,
entry->hostname, portbuf, entry->uri_path,
udpbufp);
}
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5