diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2005-09-21 22:55:39 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 13:38:39 -0500 |
| commit | 3b7f8ddd9a7c0d372a0585790913ac95c9eb3324 (patch) | |
| tree | 7eb8e1ba7394573ce6eac56d873f3801d7a45209 | |
| parent | e0febb258a29ac5deb034075219114337f468001 (diff) | |
| download | samba-3b7f8ddd9a7c0d372a0585790913ac95c9eb3324.tar.gz samba-3b7f8ddd9a7c0d372a0585790913ac95c9eb3324.tar.bz2 samba-3b7f8ddd9a7c0d372a0585790913ac95c9eb3324.zip | |
r10398: Don't do DNS lookups on short names (no .).
Andrew Bartlett
(This used to be commit 77aca9619d24a8e118f53bcd1a1e54b8437812a8)
| -rw-r--r-- | source4/auth/kerberos/kerberos-notes.txt | 8 | ||||
| -rw-r--r-- | source4/heimdal/lib/krb5/krbhst.c | 5 |
2 files changed, 13 insertions, 0 deletions
diff --git a/source4/auth/kerberos/kerberos-notes.txt b/source4/auth/kerberos/kerberos-notes.txt index cfbf904bb3..3b2989eee1 100644 --- a/source4/auth/kerberos/kerberos-notes.txt +++ b/source4/auth/kerberos/kerberos-notes.txt @@ -365,4 +365,12 @@ by providing specific, english text-string error messages instead of just error code translations. +Short name rules +---------------- + +Samba is highly likely to be misconfigured, in many weird and +interesting ways. As such, we have a patch for Heimdal that avoids +DNS lookups on names without a . in them. This should avoid some +delay and root server load. + diff --git a/source4/heimdal/lib/krb5/krbhst.c b/source4/heimdal/lib/krb5/krbhst.c index 49eee08ca5..98e9cb3f09 100644 --- a/source4/heimdal/lib/krb5/krbhst.c +++ b/source4/heimdal/lib/krb5/krbhst.c @@ -634,6 +634,11 @@ common_init(krb5_context context, return NULL; } + /* For 'realms' without a . do not even think of going to DNS */ + if (!strchr(realm, '.')) { + kd->flags |= KD_CONFIG_EXISTS; + } + if (flags & KRB5_KRBHST_FLAGS_LARGE_MSG) kd->flags |= KD_LARGE_MSG; kd->end = kd->index = &kd->hosts; |