krb5 commit [krb5-1.10]: In sn2princ, getaddrinfo without AI_ADDRCONFIG
Tom Yu
tlyu at MIT.EDU
Wed May 16 14:37:49 EDT 2012
https://github.com/krb5/krb5/commit/57738b357e8b03bcb7af2f147c97cb84d0ce96e2
commit 57738b357e8b03bcb7af2f147c97cb84d0ce96e2
Author: Greg Hudson <ghudson at mit.edu>
Date: Thu May 3 15:15:51 2012 +0000
In sn2princ, getaddrinfo without AI_ADDRCONFIG
When canonicalizing a principal, use AI_CANONNAME alone in the hint
flags for getaddrinfo, for two reasons. First, it works around a gnu
libc bug where getaddrinfo does a PTR lookup for the canonical name
(we tried to work around this in r24977 bug the addition of
AI_ADDRCONFIG caused the same problem as the use of AF_INET). Second,
an IPv4-only host should be able create a principal for an IPv6-only
host even if it can't contact the host.
This does result in extra AAAA queries in the common case (IPv4-only
host contacting IPv4-only service), which is unfortunate. But we need
to leave that optimization up to the platform at this point.
(cherry picked from commit c3ab5fe0b01a68b14d5657740006488721b48b7b)
ticket: 7124
version_fixed: 1.10.2
status: resolved
src/lib/krb5/os/sn2princ.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/src/lib/krb5/os/sn2princ.c b/src/lib/krb5/os/sn2princ.c
index 1bee5ae..f149feb 100644
--- a/src/lib/krb5/os/sn2princ.c
+++ b/src/lib/krb5/os/sn2princ.c
@@ -105,7 +105,7 @@ krb5_sname_to_principal(krb5_context context, const char *hostname, const char *
hostnames associated. */
memset(&hints, 0, sizeof(hints));
- hints.ai_flags = AI_CANONNAME | AI_ADDRCONFIG;
+ hints.ai_flags = AI_CANONNAME;
err = getaddrinfo(hostname, 0, &hints, &ai);
if (err) {
#ifdef DEBUG_REFERRALS
More information about the cvs-krb5
mailing list