[16220] in Kerberos-V5-bugs
[krbdev.mit.edu #8765] git commit
daemon@ATHENA.MIT.EDU (Greg Hudson via RT)
Fri Dec 21 12:41:21 2018
Mail-followup-to: rt@krbdev.mit.edu
mail-copies-to: never
From: Greg Hudson via RT <rt-comment@KRBDEV-PROD-APP-1.mit.edu>
In-Reply-To: <rt-8765@krbdev.mit.edu>
Message-ID: <rt-8765-49220.8.6613247178709@krbdev.mit.edu>
To: "'AdminCc of krbdev.mit.edu Ticket #8765'":;
Date: Fri, 21 Dec 2018 12:41:09 -0500
MIME-Version: 1.0
Reply-To: rt-comment@KRBDEV-PROD-APP-1.mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krb5-bugs-bounces@mit.edu
Add dns_canonicalize_hostname=fallback support
Turn dns_canonicalize_hostname into a tristate variable, allowing the
value "fallback" as well as the true/false booleans. If it is set to
fallback, delay DNS canonicalization and attempt it only in
krb5_get_credentials() if the KDC responds that the requested server
principal name is unknown.
[ghudson@mit.edu: added TGS tests; refactored code; edited commit
message and documentation]
https://github.com/krb5/krb5/commit/6c20cb1c89acaa03db897182a3b28d5f8f284907
Author: Simo Sorce <simo@redhat.com>
Committer: Greg Hudson <ghudson@mit.edu>
Commit: 6c20cb1c89acaa03db897182a3b28d5f8f284907
Branch: master
doc/admin/conf_files/krb5_conf.rst | 4 ++
src/include/k5-int.h | 8 +++-
src/include/k5-trace.h | 3 +
src/lib/krb5/krb/get_creds.c | 79 +++++++++++++++++++++++++++++++----
src/lib/krb5/krb/init_ctx.c | 27 ++++++++++++-
src/lib/krb5/krb/t_copy_context.c | 2 +-
src/lib/krb5/os/os-proto.h | 4 ++
src/lib/krb5/os/sn2princ.c | 19 +++++++--
src/tests/gcred.c | 5 ++-
src/tests/t_sn2princ.py | 34 +++++++++++++++-
10 files changed, 167 insertions(+), 18 deletions(-)
_______________________________________________
krb5-bugs mailing list
krb5-bugs@mit.edu
https://mailman.mit.edu/mailman/listinfo/krb5-bugs
