[krbdev.mit.edu #4114] no mechanism for timing out DNS lookups
Russ Allbery <rra@stanford.edu> via RT
rt-comment at krbdev.mit.edu
Sun Aug 6 18:08:15 EDT 2006
It would be nice to be able to specify a timeout for doing DNS lookups
of, for instance, KDC IP addresses. Right now, the library just calls
getaddrinfo and takes however long getaddrinfo takes. When Kerberos
calls are done by a PAM module, this can result in login timeouts rather
than failover to local authentication.
Solving this problem will probably require using an asynchronous DNS
mechanism such as described in RT#1453.
More information about the krb5-bugs
mailing list