[krbdev.mit.edu #7526] "Invalid argument" error for nonexistent KDC hostname

Greg Hudson via RT rt-comment at krbdev.mit.edu
Wed Jan 2 00:42:41 EST 2013


On Ubuntu 12.04 and some other glibc-based platforms, if you put an 
invalid KDC hostname for krb5.conf, you may see an error like this from 
krb5 1.10 and later:

    kinit: Invalid argument while getting initial credentials

This happens because getaddrinfo returns EAI_NODATA, but that symbol 
isn't visible to sendto_kdc.c because <netdb.h> doesn't define it (it 
only does if _GNU_SOURCE is defined).  So translate_ai_error doesn't 
know how to translate the error, and returns EINVAL instead of 0 like 
it's supposed to.  (I'm not sure we'd produce a good error message if 
translate_ai_error did return 0; that may be a secondary bug.)

I don't think this is correct behavior from getaddrinfo.  EAI_NODATA is 
documented as meaning "The specified network host exists, but does not 
have any network addresses defined" which doesn't match getting an 
NXDOMAIN from the DNS request.  This odd behavior is specific to calling 
getaddrinfo with the AI_ADDRCONFIG flag (or with a null hint); if you 
invoke it without AI_ADDRCONFIG, you get EAI_NONAME instead.  Since krb5 
1.9 and prior call getaddrinfo without AI_ADDRCONFIG, they don't have 
this bug.

Whether this is a getaddrinfo bug is mostly immaterial, since we want to 
be able to recognize and translate legitimate EAI_NODATA errors 
regardless.  The simplest way to do that would be to define _GNU_SOURCE 
when building krb5.  That could have subtle implications elsewhere in 
the code base, but those implications are generally positive.
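
The translation gap described in this message, as an added example that is not part of the original message and is not krb5 source: a sketch of an error translator whose `EAI_NODATA` case exists only when `<netdb.h>` exposes the symbol, with `_GNU_SOURCE` defined before the first include as the message proposes. The names `ai_error_to_errno` and `lookup` and the host `kdc.invalid` are assumptions made for illustration.

```c
/* Added example, not krb5 source; function names are hypothetical. */
#ifndef _GNU_SOURCE
#define _GNU_SOURCE 1  /* must precede the first #include, or glibc hides EAI_NODATA */
#endif
#include <errno.h>
#include <netdb.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>

/* Map a getaddrinfo() error to an errno; 0 means "no such host / no addresses". */
static int ai_error_to_errno(int err)
{
    switch (err) {
    case EAI_NONAME:
#if defined(EAI_NODATA) && EAI_NODATA != EAI_NONAME
    case EAI_NODATA:   /* compiled out when <netdb.h> does not expose the symbol */
#endif
        return 0;
    case EAI_AGAIN:  return EAGAIN;
    case EAI_MEMORY: return ENOMEM;
    case EAI_SYSTEM: return errno;
    default:         return EINVAL;  /* surfaces to the user as "Invalid argument" */
    }
}

/* Resolve host for UDP port 88; *count receives the number of addresses found. */
static int lookup(const char *host, int flags, int *count)
{
    struct addrinfo hint, *res = NULL, *a;
    memset(&hint, 0, sizeof(hint));
    hint.ai_socktype = SOCK_DGRAM;
    hint.ai_flags = flags;
    *count = 0;
    int err = getaddrinfo(host, "88", &hint, &res);
    if (err != 0) return ai_error_to_errno(err);
    for (a = res; a != NULL; a = a->ai_next) (*count)++;
    freeaddrinfo(res);
    return 0;
}

int main(void)
{
    int n, ret = lookup("kdc.invalid", AI_ADDRCONFIG, &n);  /* constructed hostname */
    printf("AI_ADDRCONFIG: ret=%d (%s), %d addrs\n", ret, strerror(ret), n);
    ret = lookup("kdc.invalid", 0, &n);
    printf("no flags:      ret=%d (%s), %d addrs\n", ret, strerror(ret), n);
    return 0;
}
```

Building the same file with the `_GNU_SOURCE` lines removed on an affected glibc drops the `EAI_NODATA` case, so that code falls through to `default` and comes back as `EINVAL`.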

