From: Nathaniel McCallum Date: Fri, 7 Aug 2015 19:35:58 +0000 (-0400) Subject: Do not allow stream socket retries in libkrad X-Git-Tag: krb5-1.14-alpha1~46 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=25e0656fdf9862faf9aa91288023776e9a47caad;p=thirdparty%2Fkrb5.git Do not allow stream socket retries in libkrad Before this patch, libkrad would follow the same exact logic for all socket types when the retries parameter was non-zero. This meant that when connecting with SOCK_STREAM, multiple requests were sent in case of packet drops, which, of course, cannot happen for SOCK_STREAM. Instead, just disable retries for SOCK_STREAM sockets. [ghudson@mit.edu: minor wording edits] ticket: 8229 (new) target_version: 1.13.3 tags: pullup --- diff --git a/src/include/krad.h b/src/include/krad.h index 913464c804..e4edb524ca 100644 --- a/src/include/krad.h +++ b/src/include/krad.h @@ -251,7 +251,8 @@ krad_client_free(krad_client *client); * - hostname:service * * The timeout parameter (milliseconds) is the total timeout across all remote - * hosts (when DNS returns multiple entries) and all retries. + * hosts (when DNS returns multiple entries) and all retries. For stream + * sockets, the retries parameter is ignored and no retries are performed. * * The cb function will be called with the data argument when either a response * is received or the request times out on all possible remote hosts. diff --git a/src/lib/krad/remote.c b/src/lib/krad/remote.c index 795485f19d..aaabffd4f1 100644 --- a/src/lib/krad/remote.c +++ b/src/lib/krad/remote.c @@ -448,6 +448,9 @@ kr_remote_send(krad_remote *rr, krad_code code, krad_attrset *attrs, krb5_error_code retval; request *r; + if (rr->info->ai_socktype == SOCK_STREAM) + retries = 0; + r = TAILQ_FIRST(&rr->list); retval = krad_packet_new_request(rr->kctx, rr->secret, code, attrs, (krad_packet_iter_cb)iterator, &r, &tmp);