Add configuration option for URI lookups
authorMatt Rogers <mrogers@redhat.com>
Wed, 24 Aug 2016 04:42:16 +0000 (00:42 -0400)
committerGreg Hudson <ghudson@mit.edu>
Mon, 19 Sep 2016 15:43:12 +0000 (11:43 -0400)
Add the boolean option 'dns_uri_lookup' to krb5.conf's libdefaults
section, to allow disabling URI lookups separately from SRV lookups.
The default value is 'true'.

ticket: 8496

src/include/k5-int.h
src/lib/krb5/os/locate_kdc.c

index eb73fa75a0ddab9bb9098e1994ec1093eb782086..add0bc34e550d09838e0f686bb0ef499b3d15867 100644 (file)
@@ -209,6 +209,7 @@ typedef unsigned char   u_char;
 #define KRB5_CONF_DNS_FALLBACK                 "dns_fallback"
 #define KRB5_CONF_DNS_LOOKUP_KDC               "dns_lookup_kdc"
 #define KRB5_CONF_DNS_LOOKUP_REALM             "dns_lookup_realm"
+#define KRB5_CONF_DNS_URI_LOOKUP               "dns_uri_lookup"
 #define KRB5_CONF_DOMAIN_REALM                 "domain_realm"
 #define KRB5_CONF_ENABLE_ONLY                  "enable_only"
 #define KRB5_CONF_ERR_FMT                      "err_fmt"
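Review bot: The new `dns_uri_lookup` key is defined here, but going by the file list on this page the change touches only k5-int.h and locate_kdc.c, so the krb5.conf administrator documentation does not appear to describe the option. Operators who want to stop clients from following DNS URI records need to find the key, its section (libdefaults) and its default (true) in the docs. If that documentation is not added elsewhere, it should accompany this change, along with a note that the option only has an effect while `dns_lookup_kdc` is also enabled.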
index b37dfda03c3f70156092e128eb1b2ea45b5775ae..5d74c8315ee159d6c613b1b6371ad8ba5d50aedc 100644 (file)
@@ -45,6 +45,7 @@
 #else
 #define DEFAULT_LOOKUP_REALM 0
 #endif
+#define DEFAULT_URI_LOOKUP TRUE
 
 static int
 maybe_use_dns (krb5_context context, const char *name, int defalt)
@@ -70,6 +71,18 @@ maybe_use_dns (krb5_context context, const char *name, int defalt)
     return use_dns;
 }
 
+static krb5_boolean
+use_dns_uri(krb5_context ctx)
+{
+    krb5_error_code ret;
+    krb5_boolean use;
+
+    ret = profile_get_boolean(ctx->profile, KRB5_CONF_LIBDEFAULTS,
+                              KRB5_CONF_DNS_URI_LOOKUP, NULL,
+                              DEFAULT_URI_LOOKUP, &use);
+    return ret ? DEFAULT_URI_LOOKUP : use;
+}
+
 int
 _krb5_use_dns_kdc(krb5_context context)
 {
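Review bot: use_dns_uri() returns DEFAULT_URI_LOOKUP (TRUE) whenever profile_get_boolean() reports an error, so a `dns_uri_lookup` value that cannot be parsed as a boolean would leave URI lookups enabled even though the administrator tried to set the option. For a switch whose purpose is to turn a DNS-driven lookup off, failing closed is the safer choice: `return ret ? FALSE : use;`, or at minimum a comment stating that falling back to the default on error is deliberate. An absent key should be unaffected, assuming profile_get_boolean() hands back the supplied default with a zero status in that case. The function also has no header comment; something like `/* Return true if URI record lookups are enabled (dns_uri_lookup, default true). */` would document the contract.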
@@ -652,7 +665,7 @@ dns_locate_server_uri(krb5_context context, const krb5_data *realm,
     int def_port;
     krb5_boolean find_master = FALSE;
 
-    if (!_krb5_use_dns_kdc(context))
+    if (!_krb5_use_dns_kdc(context) || !use_dns_uri(context))
         return 0;
 
     switch (svc) {
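Review bot: The combined guard in dns_locate_server_uri() returns 0 both when DNS lookups are off and when only URI lookups are off, and nothing at this point says that 0 means "no URI results were added" rather than an error. That reading is inferred, since the callers and the rest of the body are outside the hunk. A comment above the check would make the intent and the dependency between the two settings explicit: `/* URI lookups need both dns_lookup_kdc and dns_uri_lookup; returning 0 adds no servers. */`.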