diff options
| author | Greg Hudson <ghudson@mit.edu> | 2017-02-27 22:35:07 -0500 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2017-02-28 13:52:12 -0500 |
| commit | 59a3449f13c63048b44f56cad2d528c0805d3627 (patch) | |
| tree | a327e77cc51932ec5a55cb7e4c60b37798d4fb2c | |
| parent | eb54f32ec84f945f1857bc289ca7ea37524424bb (diff) | |
| download | krb5-59a3449f13c63048b44f56cad2d528c0805d3627.zip krb5-59a3449f13c63048b44f56cad2d528c0805d3627.tar.gz krb5-59a3449f13c63048b44f56cad2d528c0805d3627.tar.bz2 | |
Fix udp_preference_limit with SRV records
In sendto_kdc:resolve_server() when resolving a server entry with a
specified transport, defer the resulting addresses if the strategy
dictates that the specified transport is not preferred. Reported by
Jochen Hein.
(cherry picked from commit bc7594058011c2f9711f24af4fa15a421a8d5b62)
ticket: 8554
version_fixed: 1.15.1
| -rw-r--r-- | src/lib/krb5/os/sendto_kdc.c | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/src/lib/krb5/os/sendto_kdc.c b/src/lib/krb5/os/sendto_kdc.c index ef80991..fffe026 100644 --- a/src/lib/krb5/os/sendto_kdc.c +++ b/src/lib/krb5/os/sendto_kdc.c @@ -791,7 +791,7 @@ resolve_server(krb5_context context, const krb5_data *realm, struct server_entry *entry = &servers->servers[ind]; k5_transport transport; struct addrinfo *addrs, *a, hint, ai; - krb5_boolean defer; + krb5_boolean defer = FALSE; int err, result; char portbuf[PORT_LENGTH]; @@ -811,9 +811,13 @@ resolve_server(krb5_context context, const krb5_data *realm, NULL, NULL, entry->uri_path, udpbufp); } - /* If the entry has a specified transport, use it. */ - if (entry->transport != TCP_OR_UDP) + /* If the entry has a specified transport, use it, but possibly defer the + * addresses we add based on the strategy. */ + if (entry->transport != TCP_OR_UDP) { transport = entry->transport; + defer = (entry->transport == TCP && strategy == UDP_FIRST) || + (entry->transport == UDP && strategy == UDP_LAST); + } memset(&hint, 0, sizeof(hint)); hint.ai_family = entry->family; @@ -833,7 +837,7 @@ resolve_server(krb5_context context, const krb5_data *realm, /* Add each address with the specified or preferred transport. */ retval = 0; for (a = addrs; a != 0 && retval == 0; a = a->ai_next) { - retval = add_connection(conns, transport, FALSE, a, ind, realm, + retval = add_connection(conns, transport, defer, a, ind, realm, entry->hostname, portbuf, entry->uri_path, udpbufp); } |