Implicit REALM/DNS Mapping

[Greg Hudson]

On 02/09/2017 03:17 PM, Nathaniel McCallum wrote:
> Is MIT willing to merge a patch for this?

Yes.  I think the right place to insert the new logic is at the
beginning of krb5_cc_select().  If server has the referral realm (use
krb5_is_referral_realm() for clarity, although we're just looking for an
empty realm), then call krb5_get_fallback_host_realm() and, if it
succeeds, construct a copy of server using the first fallback realm, to
be passed to the modules.