"Richard E. Silverman" <[email protected]> writes: > In 1.8.1, there is the following code in src/lib/krb5/os/dnsglue.c: > > krb5int_dns_init(struct krb5int_dns_state **dsp, > char *host, int nclass, int ntype) > { > ... > nextincr = 2048; > maxincr = INT_MAX; > ... > > One day, due to an error, the number of KDC SRV records for one of our > realms doubled from 27 to 54... and KDC lookups via DNS prompty broke. I > bumped up the nextincr value above, and it started working again. > Probably not the right fix, but just letting you know that there's a bug > here.
What platform/OS is this on? A "too-large" response should result in res_nsearch() returning the actual size. If it's returning -1 instead, I can see it causing trouble. Are you willing to run stuff under a debugger to see what res_nsearch() actually returns there? ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
