[krbdev.mit.edu #5393] krb5-1.6: tcp kpasswd service required if only admin_server is specified in krb5.conf
Jeffrey Altman via RT
rt-comment at krbdev.mit.edu
Thu Jan 18 06:47:55 EST 2007
I do not believe that this patch is correct.
The SOCK_STREAM parameter to krb5int_locate_server does not determine
what type of connection is used to connect the kpasswd service. The
SOCK_STREAM parameter is specified so that the lookup of the DNS SRV
record for the kadmin service will be performed using '_tcp' as the
kadmin service is a TCP only service.
Changing SOCK_STREAM to 'sockType' will cause the DNS SRV query to use
'_udp' which should always fail.
This parameter is not used when searching the krb5.conf file.
Jeffrey Altman
More information about the krb5-bugs
mailing list