[krbdev.mit.edu #8838] kinit - reuse the TCP/HTTPS connection

Дилян Палаузов via RT rt-comment at KRBDEV-PROD-APP-1.mit.edu
Fri Oct 4 09:58:08 EDT 2019 

Fri Oct 04 09:58:07 2019: Request 8838 was acted upon.
 Transaction: Ticket created by dilyan.palauzov at aegee.org
       Queue: krb5
     Subject: kinit - reuse the TCP/HTTPS connection
       Owner: Nobody
  Requestors: dilyan.palauzov at aegee.org
      Status: new
 Ticket <URL: https://krbdev.mit.edu/rt/Ticket/Display.html?id=8838 >


Hello,

using 1.17 with kdc.conf containing
[realms]
AEGEE.ORG = {
        kdc = https://mail.aegee.org/KdcProxy
        kpasswd_server = https://mail.aegee.org/KdcProxy/
        dns_lookup_kdc = no
}

this
  echo abc | KRB5_TRACE=/dev/stdout kinit aaa at AEGEE.ORG 

sends three POST requests and prints three times
  Terminating TCP connection to https 144.76.142.78:443

kinit shall reuse the TCP connection for all HTTP POST calls and terminate it only once.

Likewise, when the communication is done over TCP (not HTTPS), with udp_preference_limit=1 in [libdefaults], without the
AEGEE.ORG in [realms], 

  echo abc | KRB5_TRACE=/dev/stdout kinit aaa at AEGEE.ORG

prints three times “Terminating TCP connection to stream 144.76.142.78:88”.  It shall reuse the TCP connection.

Regards
  Дилян

More information about the krb5-bugs mailing list