We want to avoid making extra attempts to contact the "master" KDC, in the case
where the password appears to be incorrect according to one KDC but we think
maybe the master KDC could have a newer password, if there isn't actually a
master KDC. Currently the admin_server tag is overloaded for kadmin and
password changing. So, don't use it as a filter on the KDC list; instead, look
for master_kdc as an independent list.
(See also ticket 1511 re contacting the master twice if it's first in the
regular KDC list.)
Doc updates still needed.
* locate_kdc.c (krb5_locate_kdc): Always pass 0 to locate_server as the
get_masters argument. Instead, if get_masters is set, look up "master_kdc" in
the config file instead of "kdc".
ticket: new
target_version: 1.3.2
tags: pullup
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15736
dc483132-0cff-0310-8789-
dd5450dbe970
+2003-07-25 Ken Raeburn <raeburn@mit.edu>
+
+ * locate_kdc.c (krb5_locate_kdc): Always pass 0 to locate_server
+ as the get_masters argument. Instead, if get_masters is set,
+ look up "master_kdc" in the config file instead of "kdc".
+
2003-07-17 Ken Raeburn <raeburn@mit.edu>
* Makefile.in (LIBNAME) [##WIN16##]: Don't define.
sec_udpport = 0;
}
- return krb5int_locate_server(context, realm, addrlist, get_masters, "kdc",
+ return krb5int_locate_server(context, realm, addrlist, 0,
+ get_masters ? "master_kdc" : "kdc",
(get_masters
? "_kerberos-master"
: "_kerberos"),
projects / krb5.git / commitdiff