From 43d0c2e9ea71770aa87e74778c20908606cd55f8 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Mon, 27 Sep 2010 14:34:06 -0700 Subject: heimdal: avoid DNS search domain expansion When you have a domain search list in resolv.conf, and one of the DNS servers for a searched domain is uncontactable then we would timeout resolving DNS names. Avoid this by adding a '.' to the hostname if the hostname already has a '.' in it, which we assume to mean it is fully qualified. --- source4/heimdal/lib/krb5/krbhst.c | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) (limited to 'source4') diff --git a/source4/heimdal/lib/krb5/krbhst.c b/source4/heimdal/lib/krb5/krbhst.c index 3bb00d287d..4da3af2e82 100644 --- a/source4/heimdal/lib/krb5/krbhst.c +++ b/source4/heimdal/lib/krb5/krbhst.c @@ -370,9 +370,24 @@ krb5_krbhst_get_addrinfo(krb5_context context, krb5_krbhst_info *host, int ret; if (host->ai == NULL) { + char *hostname_dot = NULL; make_hints(&hints, host->proto); snprintf (portstr, sizeof(portstr), "%d", host->port); - ret = getaddrinfo(host->hostname, portstr, &hints, &host->ai); + if (strchr(host->hostname, '.') && + host->hostname[strlen(host->hostname)-1] != '.') { + /* avoid expansion of search domains from resolv.conf + - these can be very slow if the DNS server is not up + for the searched domain */ + hostname_dot = malloc(strlen(host->hostname)+2); + if (hostname_dot) { + strcpy(hostname_dot, host->hostname); + hostname_dot[strlen(host->hostname)] = '.'; + hostname_dot[strlen(host->hostname)+1] = 0; + } + } + ret = getaddrinfo(hostname_dot?hostname_dot:host->hostname, portstr, &hints, &host->ai); + if (hostname_dot) + free(hostname_dot); if (ret) return krb5_eai_to_heim_errno(ret, errno); } -- cgit