[krbdev.mit.edu #3334] libkrb5 treats all KDC errors as terminal
Tom Yu via RT
rt-comment at krbdev.mit.edu
Tue Jan 10 16:38:04 EST 2006
>>>>> "lukeh" == lukeh at padl com via RT <rt-comment at krbdev.mit.edu> writes:
lukeh> If a KDC returns KDC_ERR_SVC_UNAVAILABLE, it appears that that the
lukeh> client library will not failover to the next KDC. All error codes,
lukeh> except for KDC_ERR_RESPONSE_TOO_BIG, are treated as terminal.
Could you be more specific about whether this is for AS_REQ or
TGS_REQ, and about which functions are affected?
Also, note that our code doesn't actually define
KDC_ERR_SVC_UNAVAILABLE. Do you know what its semantics are? Are
there other KDC error codes you feel should be "soft" errors?
---Tom
More information about the krb5-bugs
mailing list