[Heimdal-source-changes] [heimdal/heimdal] d497d7: krb5_sendto_kdc: failover for multiple AAAA/A RRs ...
Jeffrey Altman
noreply at github.com
Tis May 14 21:52:04 CEST 2019
Branch: refs/heads/master
Home: https://github.com/heimdal/heimdal
Commit: d497d7e4a796c6bda153e7f10fe9478724b855ab
https://github.com/heimdal/heimdal/commit/d497d7e4a796c6bda153e7f10fe9478724b855ab
Author: Roland C. Dowdeswell <roland.dowdeswell at twosigma.com>
Date: 2019-05-14 (Tue, 14 May 2019)
Changed paths:
M lib/krb5/send_to_kdc.c
Log Message:
-----------
krb5_sendto_kdc: failover for multiple AAAA/A RRs on one domain
We found that the libraries behaviour when dealing with domains with
more than one entry in them is slightly suboptimal. The situation
was
kdc1 IN A 1.2.3.4
kdc1 IN AAAA ff02::1
I.e. a single hostmame with both IPv6 and IPv4 addresses. When we
run krb5_sendto_kdc on a box with only IPv4 addresses, there is a
3s delay before it fails back to the IPv4 address. This is because
the library sets the 2nd address on each hostname to be 3s in the
future and each additional one another 3s.
We change wait_response() s.t. if one is able to make progress, we
iterate over the list of hosts and move them all 1s forward. We
also modify submit_request() to skip hosts if host_connect() fails.
Commit: 8740528b2477f872147998ca19a66d2fae12631b
https://github.com/heimdal/heimdal/commit/8740528b2477f872147998ca19a66d2fae12631b
Author: Viktor Dukhovni <viktor at twosigma.com>
Date: 2019-05-14 (Tue, 14 May 2019)
Changed paths:
M lib/krb5/send_to_kdc.c
Log Message:
-----------
Windows-compatible sentinel socket type and value
Compare: https://github.com/heimdal/heimdal/compare/5ca229e0d9c1...8740528b2477
More information about the Heimdal-source-changes
mailing list