[krbdev.mit.edu #1380] Duplicate DNS Lookups make krb5_init_creds slow
Alexandra Ellwood via RT
rt-comment at krbdev.mit.edu
Wed Mar 12 17:26:07 EST 2003
Getting tickets with 1.3 on KfM can be slow because of DNS requests.
Attached is a tcpdump of the DNS request interleaved with the krb5
requests. krb5_sendto_kdc calls krb5_locate_kdc twice for udp and tcp
respectively, so each kdc in the config file is looked up twice. For
some reason on Mac OS X 10.2.4, these queries are not cached by lookupd.
Also, I didn't notice these problems until I started compiling with
KRB5_DNS_LOOKUP and KRB5_DNS_LOOKUP_KDC 1 (previously they were 0 on the
Mac). I couldn't figure out from the code why this was, since my config
file contains:

    [libdefaults]
        dns_lookup_realm = false
        dns_lookup_kdc = false

In the config file, the Athena realm is specified as:

    [realms]
        ATHENA.MIT.EDU = {
            kdc = kerberos.mit.edu.:88
            kdc = kerberos-1.mit.edu.:88
            kdc = kerberos-2.mit.edu.:88
            kdc = kerberos-3.mit.edu.:88
            admin_server = kerberos.mit.edu.
            default_domain = mit.edu
        }

Obviously removing the .s at the end of the kdc names will result in
more lookups and more slowness.
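
One way to confirm the doubled lookups described in this report from a text capture, as an added example that is not part of the original message or the krb5 code base: the script counts DNS questions that appear more than once in tcpdump-style output. The sample lines, the placeholder addresses and the function names are constructed for illustration.

```python
import re
from collections import Counter

# Constructed, simplified tcpdump-style lines; not the capture attached to the
# ticket. 10.0.0.x and 192.0.2.10 are placeholder addresses.
SAMPLE_CAPTURE = """\
17:26:01.100000 IP 10.0.0.5.49152 > 10.0.0.1.53: 1001+ A? kerberos.mit.edu. (34)
17:26:01.140000 IP 10.0.0.1.53 > 10.0.0.5.49152: 1001 1/0/0 A 192.0.2.10 (50)
17:26:01.150000 IP 10.0.0.5.49153 > 10.0.0.1.53: 1002+ A? kerberos-1.mit.edu. (36)
17:26:01.200000 IP 10.0.0.5.49154 > 10.0.0.1.53: 1003+ A? kerberos.mit.edu. (34)
17:26:01.250000 IP 10.0.0.5.49155 > 10.0.0.1.53: 1004+ [1au] A? kerberos-1.mit.edu. (47)
17:26:01.300000 IP 10.0.0.5.49156 > 192.0.2.10.88: UDP, length 180
"""

# Matches outgoing queries only: destination port 53, then "<id><flags> TYPE? name".
QUERY_RE = re.compile(
    r"^(?P<ts>\d\d:\d\d:\d\d\.\d+) IP \S+ > \S+\.53: "
    r"\d+[+%*-]*(?: \[[^\]]*\])? (?P<qtype>[A-Z0-9]+)\? (?P<name>\S+) "
)


def parse_queries(capture_text):
    """Return (timestamp, qtype, lowercased name) for each DNS query line."""
    queries = []
    for line in capture_text.splitlines():
        m = QUERY_RE.match(line)
        if m:  # responses and non-DNS traffic (e.g. port 88) do not match
            queries.append((m["ts"], m["qtype"], m["name"].lower()))
    return queries


def duplicate_queries(capture_text):
    """Map (qtype, name) -> count for every question asked more than once."""
    counts = Counter((qtype, name) for _, qtype, name in parse_queries(capture_text))
    return {question: n for question, n in counts.items() if n > 1}


if __name__ == "__main__":
    for (qtype, name), n in sorted(duplicate_queries(SAMPLE_CAPTURE).items()):
        print(f"{qtype} {name} queried {n} times")
```
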