Ken Raeburn wrote: > At one point, the library may try to look up the "master KDC" (so if > you get an "incorrect password" type result but were talking to a > slave KDC that may not have your password change from 30 seconds ago, > it then tries a KDC that would have it); offhand, I'm not sure how > many DNS queries that's likely to generate. Here at MIT, we've got a > SRV record for _kerberos_master._udp.athena.mit.edu listing one host, > so we do get one additional lookup for that name. (Oddly, we don't > get two, for A and AAAA; I should look at why that is.) >
The DNS will always return all matches to the query including queries for SRV requests. When you do the additional lookup for the name, getaddrinfo() I assume, the lookup returns all AAAA and A addresses unless you have configured the call to only look up one or the other. There is no need for a separate lookup. getaddrinfo() returns ALL addresses that matches the query. Danny ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
