krb5 commit [krb5-1.14]: Fix udp_preference_limit with SRV records

[Greg Hudson]

https://github.com/krb5/krb5/commit/8baafc7a7150e585d9691159b8bc33e823f36f8d
commit 8baafc7a7150e585d9691159b8bc33e823f36f8d
Author: Greg Hudson <ghudson at mit.edu>
Date:   Mon Feb 27 22:35:07 2017 -0500

    Fix udp_preference_limit with SRV records
    
    In sendto_kdc:resolve_server() when resolving a server entry with a
    specified transport, defer the resulting addresses if the strategy
    dictates that the specified transport is not preferred.  Reported by
    Jochen Hein.
    
    (cherry picked from commit bc7594058011c2f9711f24af4fa15a421a8d5b62)
    
    ticket: 8554
    version_fixed: 1.14.5

 src/lib/krb5/os/sendto_kdc.c |   12 ++++++++----
 1 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/src/lib/krb5/os/sendto_kdc.c b/src/lib/krb5/os/sendto_kdc.c
index 6231de2..d11aa11 100644
--- a/src/lib/krb5/os/sendto_kdc.c
+++ b/src/lib/krb5/os/sendto_kdc.c
@@ -732,7 +732,7 @@ resolve_server(krb5_context context, const krb5_data *realm,
     struct server_entry *entry = &servers->servers[ind];
     k5_transport transport;
     struct addrinfo *addrs, *a, hint, ai;
-    krb5_boolean defer;
+    krb5_boolean defer = FALSE;
     int err, result;
     char portbuf[PORT_LENGTH];
 
@@ -752,9 +752,13 @@ resolve_server(krb5_context context, const krb5_data *realm,
                               NULL, NULL, entry->uri_path, udpbufp);
     }
 
-    /* If the entry has a specified transport, use it. */
-    if (entry->transport != TCP_OR_UDP)
+    /* If the entry has a specified transport, use it, but possibly defer the
+     * addresses we add based on the strategy. */
+    if (entry->transport != TCP_OR_UDP) {
         transport = entry->transport;
+        defer = (entry->transport == TCP && strategy == UDP_FIRST) ||
+            (entry->transport == UDP && strategy == UDP_LAST);
+    }
 
     memset(&hint, 0, sizeof(hint));
     hint.ai_family = entry->family;
@@ -774,7 +778,7 @@ resolve_server(krb5_context context, const krb5_data *realm,
     /* Add each address with the specified or preferred transport. */
     retval = 0;
     for (a = addrs; a != 0 && retval == 0; a = a->ai_next) {
-        retval = add_connection(conns, transport, FALSE, a, ind, realm,
+        retval = add_connection(conns, transport, defer, a, ind, realm,
                                 entry->hostname, portbuf, entry->uri_path,
                                 udpbufp);
     }