c4923edfdd
- update to version 1.9.1
* obsolete patches:
MITKRB5-SA-2010-007-1.8.dif
krb5-1.8-MITKRB5-SA-2010-006.dif
krb5-1.8-MITKRB5-SA-2011-001.dif
krb5-1.8-MITKRB5-SA-2011-002.dif
krb5-1.8-MITKRB5-SA-2011-003.dif
krb5-1.8-MITKRB5-SA-2011-004.dif
krb5-1.4.3-enospc.dif
* replace krb5-1.6.1-compile_pie.dif
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=45
35 lines
1.2 KiB
Diff
35 lines
1.2 KiB
Diff
Fall back to TCP on kdc-unresolvable/unreachable errors. We still have
|
|
to wait for UDP to fail, so this might not be ideal. RT #5868.
|
|
|
|
Index: src/lib/krb5/os/changepw.c
|
|
===================================================================
|
|
--- src/lib/krb5/os/changepw.c.orig
|
|
+++ src/lib/krb5/os/changepw.c
|
|
@@ -282,10 +282,22 @@ change_set_password(krb5_context context
|
|
NULL
|
|
))) {
|
|
|
|
- /*
|
|
- * Here we may want to switch to TCP on some errors.
|
|
- * right?
|
|
- */
|
|
+ /* if we're not using a stream socket, and it's an error which
|
|
+ * might reasonably be specific to a datagram "connection", try
|
|
+ * again with a stream socket */
|
|
+ if (!useTcp) {
|
|
+ switch (code) {
|
|
+ case KRB5_KDC_UNREACH:
|
|
+ case KRB5_REALM_CANT_RESOLVE:
|
|
+ case KRB5KRB_ERR_RESPONSE_TOO_BIG:
|
|
+ /* should we do this for more result codes than these? */
|
|
+ krb5int_free_addrlist (&al);
|
|
+ useTcp = 1;
|
|
+ continue;
|
|
+ default:
|
|
+ break;
|
|
+ }
|
|
+ }
|
|
break;
|
|
}
|
|
|