From 5cb7fe3b953ffe22a36f7b570f3bf573fa1e769d Mon Sep 17 00:00:00 2001 From: Ken Raeburn Date: Thu, 15 Aug 2002 23:13:20 +0000 Subject: [PATCH] * sendto_kdc.c (DEFAULT_UDP_PREF_LIMIT, HARD_UDP_LIMIT): New macros. (debug_log_connect): Look up "udp_preference_limit" in libdefaults part of profile; try TCP before UDP if the packet size is larger than specified. Don't try UDP at all if the packet is over about 32K. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14732 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/krb5/os/ChangeLog | 9 ++++++++ src/lib/krb5/os/sendto_kdc.c | 41 +++++++++++++++++++++++++++++++++--- 2 files changed, 47 insertions(+), 3 deletions(-) diff --git a/src/lib/krb5/os/ChangeLog b/src/lib/krb5/os/ChangeLog index e13daf397..2cd48383b 100644 --- a/src/lib/krb5/os/ChangeLog +++ b/src/lib/krb5/os/ChangeLog @@ -1,3 +1,12 @@ +2002-08-15 Ken Raeburn + + * sendto_kdc.c (DEFAULT_UDP_PREF_LIMIT, HARD_UDP_LIMIT): New + macros. + (debug_log_connect): Look up "udp_preference_limit" in libdefaults + part of profile; try TCP before UDP if the packet size is larger + than specified. Don't try UDP at all if the packet is over about + 32K. + 2002-07-23 Ezra Peisach * localaddr.c (get_localaddrs): Add prototype before being used diff --git a/src/lib/krb5/os/sendto_kdc.c b/src/lib/krb5/os/sendto_kdc.c index 2d64ac3e3..4f22b4fa1 100644 --- a/src/lib/krb5/os/sendto_kdc.c +++ b/src/lib/krb5/os/sendto_kdc.c @@ -55,6 +55,9 @@ #endif #endif +#define DEFAULT_UDP_PREF_LIMIT 1465 +#define HARD_UDP_LIMIT 32700 + /* * send the formatted request 'message' to a KDC for realm 'realm' and * return the response (if any) in 'reply'. @@ -83,8 +86,10 @@ krb5_sendto_kdc (context, message, realm, reply, use_master, tcp_only) */ /* - * DO NOT depend on this staying as two separate loops. We may change - * the order, or we may integrate them into one loop. + * DO NOT depend on this staying as two separate loops. We may + * change the order, or we may integrate them into one loop. + * Integration is preferred, since it would keep the total delay + * time down when a timeout occurs. * * BUG: This code won't return "interesting" errors (e.g., out of mem, * bad config file) from locate_kdc. KRB5_REALM_CANT_RESOLVE can be @@ -102,10 +107,28 @@ krb5_sendto_kdc (context, message, realm, reply, use_master, tcp_only) fprintf(stderr, "\", use_master=%d, tcp_only=%d)\n", use_master, tcp_only); #endif + if (!tcp_only && context->udp_pref_limit < 0) { + int tmp; + retval = profile_get_integer(context->profile, + "libdefaults", "udp_preference_limit", 0, + DEFAULT_UDP_PREF_LIMIT, &tmp); + if (retval) + return retval; + if (tmp < 0) + tmp = DEFAULT_UDP_PREF_LIMIT; + else if (tmp > HARD_UDP_LIMIT) + /* In the unlikely case that a *really* big value is + given, let 'em use as big as we think we can support. + Well, almost 64K is probably doable, but let's be, um, + a little conservative. */ + tmp = HARD_UDP_LIMIT; + context->udp_pref_limit = tmp; + } + retval = (use_master ? KRB5_KDC_UNREACH : KRB5_REALM_UNKNOWN); if (!tcp_only - && message->length < 1500 + && message->length <= context->udp_pref_limit && ! krb5_locate_kdc(context, realm, &addrs, use_master, SOCK_DGRAM)) { if (addrs.naddrs > 0) { retval = krb5int_sendto_udp (context, message, &addrs, reply, @@ -123,6 +146,18 @@ krb5_sendto_kdc (context, message, realm, reply, use_master, tcp_only) return 0; } } + if (!tcp_only + && message->length > context->udp_pref_limit + && message->length <= HARD_UDP_LIMIT + && ! krb5_locate_kdc(context, realm, &addrs, use_master, SOCK_DGRAM)) { + if (addrs.naddrs > 0) { + retval = krb5int_sendto_udp (context, message, &addrs, reply, + 0, 0); + krb5int_free_addrlist (&addrs); + if (retval == 0) + return 0; + } + } return retval; } -- 2.26.2