svn commit: samba r10398 - in branches/SAMBA_4_0/source:
auth/kerberos heimdal/lib/krb5
abartlet at samba.org
abartlet at samba.org
Wed Sep 21 22:55:41 GMT 2005
Author: abartlet
Date: 2005-09-21 22:55:39 +0000 (Wed, 21 Sep 2005)
New Revision: 10398
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=10398
Log:
Don't do DNS lookups on short names (no .).
Andrew Bartlett
Modified:
branches/SAMBA_4_0/source/auth/kerberos/kerberos-notes.txt
branches/SAMBA_4_0/source/heimdal/lib/krb5/krbhst.c
Changeset:
Modified: branches/SAMBA_4_0/source/auth/kerberos/kerberos-notes.txt
===================================================================
--- branches/SAMBA_4_0/source/auth/kerberos/kerberos-notes.txt 2005-09-21 19:43:42 UTC (rev 10397)
+++ branches/SAMBA_4_0/source/auth/kerberos/kerberos-notes.txt 2005-09-21 22:55:39 UTC (rev 10398)
@@ -365,4 +365,12 @@
just error code translations.
+Short name rules
+----------------
+Samba is highly likely to be misconfigured, in many weird and
+interesting ways. As such, we have a patch for Heimdal that avoids
+DNS lookups on names without a . in them. This should avoid some
+delay and root server load.
+
+
Modified: branches/SAMBA_4_0/source/heimdal/lib/krb5/krbhst.c
===================================================================
--- branches/SAMBA_4_0/source/heimdal/lib/krb5/krbhst.c 2005-09-21 19:43:42 UTC (rev 10397)
+++ branches/SAMBA_4_0/source/heimdal/lib/krb5/krbhst.c 2005-09-21 22:55:39 UTC (rev 10398)
@@ -634,6 +634,11 @@
return NULL;
}
+ /* For 'realms' without a . do not even think of going to DNS */
+ if (!strchr(realm, '.')) {
+ kd->flags |= KD_CONFIG_EXISTS;
+ }
+
if (flags & KRB5_KRBHST_FLAGS_LARGE_MSG)
kd->flags |= KD_LARGE_MSG;
kd->end = kd->index = &kd->hosts;
More information about the samba-cvs
mailing list