Author: abartlet Date: 2005-09-21 22:55:39 +0000 (Wed, 21 Sep 2005) New Revision: 10398
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=10398 Log: Don't do DNS lookups on short names (no .). Andrew Bartlett Modified: branches/SAMBA_4_0/source/auth/kerberos/kerberos-notes.txt branches/SAMBA_4_0/source/heimdal/lib/krb5/krbhst.c Changeset: Modified: branches/SAMBA_4_0/source/auth/kerberos/kerberos-notes.txt =================================================================== --- branches/SAMBA_4_0/source/auth/kerberos/kerberos-notes.txt 2005-09-21 19:43:42 UTC (rev 10397) +++ branches/SAMBA_4_0/source/auth/kerberos/kerberos-notes.txt 2005-09-21 22:55:39 UTC (rev 10398) @@ -365,4 +365,12 @@ just error code translations. +Short name rules +---------------- +Samba is highly likely to be misconfigured, in many weird and +interesting ways. As such, we have a patch for Heimdal that avoids +DNS lookups on names without a . in them. This should avoid some +delay and root server load. + + Modified: branches/SAMBA_4_0/source/heimdal/lib/krb5/krbhst.c =================================================================== --- branches/SAMBA_4_0/source/heimdal/lib/krb5/krbhst.c 2005-09-21 19:43:42 UTC (rev 10397) +++ branches/SAMBA_4_0/source/heimdal/lib/krb5/krbhst.c 2005-09-21 22:55:39 UTC (rev 10398) @@ -634,6 +634,11 @@ return NULL; } + /* For 'realms' without a . do not even think of going to DNS */ + if (!strchr(realm, '.')) { + kd->flags |= KD_CONFIG_EXISTS; + } + if (flags & KRB5_KRBHST_FLAGS_LARGE_MSG) kd->flags |= KD_LARGE_MSG; kd->end = kd->index = &kd->hosts;
