rpms / krb5

Clone
Source Code
GIT

Files

embargo f10 f11 f12 f13 f14 f15 f16 f16-s4u f17 f18 f19 f20 f21 f22 f23 f24 f25 f26 f27 f28 f29 f30 f31 f32 f33 f34 f35 f36 f37 f38 f39 f40 f7 f8 f9 main master-f15-1.9 master-f15-nss rawhide
  1.   master-f15-nss
  2.   krb5-1.8-kpasswd_tcp.patch
Blob Blame History Raw 
Fall back to TCP on kdc-unresolvable/unreachable errors.  We still have
to wait for UDP to fail, so this might not be ideal.  RT #5868.

diff -up krb5-1.8/src/lib/krb5/os/changepw.c.kpasswd_tcp krb5-1.8/src/lib/krb5/os/changepw.c
--- krb5-1.8/src/lib/krb5/os/changepw.c.kpasswd_tcp	2009-12-02 13:06:19.000000000 -0500
+++ krb5-1.8/src/lib/krb5/os/changepw.c	2010-03-05 11:02:39.000000000 -0500
@@ -270,11 +270,22 @@ change_set_password(krb5_context context
                                    NULL,
                                    NULL
              ))) {
-
-            /*
-             * Here we may want to switch to TCP on some errors.
-             * right?
-             */
+            /* if we're not using a stream socket, and it's an error which
+             * might reasonably be specific to a datagram "connection", try
+             * again with a stream socket */
+            if (!useTcp) {
+                switch (code) {
+                case KRB5_KDC_UNREACH:
+                case KRB5_REALM_CANT_RESOLVE:
+                case KRB5KRB_ERR_RESPONSE_TOO_BIG:
+                /* should we do this for more result codes than these? */
+                    krb5int_free_addrlist (&al);
+                    useTcp = 1;
+                    continue;
+                default:
+                    break;
+                }
+            }
             break;
         }
Powered by Pagure 5.13.3
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.