[24464] in Kerberos

home help back first fref pref prev next nref lref last post

Re: Memory Leak problems with krb5_get_init_creds_password?

daemon@ATHENA.MIT.EDU (Donn Cave)
Wed Aug 17 14:58:29 2005

From: Donn Cave <donn@u.washington.edu>
Date: Wed, 17 Aug 2005 11:51:08 -0700
Message-ID: <donn-151F79.11510817082005@gnus01.u.washington.edu>
To: kerberos@mit.edu
Errors-To: kerberos-bounces@mit.edu

In article <20050817145802.GF20989@usc.edu>, cfb@usc.edu (Chet Burgess) 
wrote:
[ ... re memory leak caused by DNS KDC lookup ... ]
> 	The res_ninit() call and the subsequent calls for the DNS
> records are made in the krb5int_dns_init function found at
> src/lib/krb5/os. The res_ninit() call is made for every lookup. As for
> the DNS vs. config file variable, I had a proper krb5.conf file that
> listed the REALM and the KDCs, untill I added "dns_fallback = false"
> to the config file it would always try DNS then look at the config
> file.

That's weird, but there are some potential surprises.  For an
example I ran into myself, if your initial request fails, it
will be retried to the configured "master_kdc".  Of course if that
isn't in krb5.conf it will go to DNS ("_kerberos-master._udp".)

"master_kdc" is fairly recent and likely not configured at a
lot of sites where the krb5.conf goes back a ways (or maybe
where there is no master KDC, though such sites may as well
configure a value anyway.)

   Donn Cave, donn@u.washington.edu
________________________________________________
Kerberos mailing list           Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos

home help back first fref pref prev next nref lref last post