sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-11 05:18:09 +03:00
Code

r11529: Disable DNS lookups for forwarded credentials, unless really, really

Browse Source 
wanted.  There is nothing that suggests that the host we forward
credentials to will not have other interfaces, unassoicated with their
service name.  Likewise, the name may be a netbios, not DNS name.

This should avoid some nasty DNS lookups.

Andrew Bartlett
This commit is contained in:
Andrew Bartlett 2005-11-06 01:46:12 +00:00 committed by Gerald (Jerry) Carter
parent d14948fdf6
commit da0ff19856
1 changed files with 41 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
source/heimdal/lib/krb5/get_for_creds.c
View File

@ -162,7 +162,8 @@ krb5_get_forwarded_creds (krb5_context context,
{
krb5_error_code ret;
krb5_creds *out_creds;
krb5_addresses addrs, *paddrs;
krb5_addresses *paddrs = NULL;
krb5_addresses addrs;
KRB_CRED cred;
KrbCredInfo *krb_cred_info;
EncKrbCredPart enc_krb_cred_part;
@ -171,18 +172,23 @@ krb5_get_forwarded_creds (krb5_context context,
size_t buf_size;
krb5_kdc_flags kdc_flags;
krb5_crypto crypto;
struct addrinfo *ai;
int save_errno;
krb5_creds *ticket;
char *realm;
krb5_boolean noaddr_ever;
addrs.len = 0;
addrs.val = NULL;
if (in_creds->client && in_creds->client->realm)
realm = in_creds->client->realm;
else
realm = in_creds->server->realm;
addrs.len = 0;
addrs.val = NULL;
krb5_appdefault_boolean(context, NULL, realm, "no-addresses-ever",
TRUE, &noaddr_ever);
if (!noaddr_ever) {
struct addrinfo *ai;
paddrs = &addrs;
/*
@ -214,6 +220,7 @@ krb5_get_forwarded_creds (krb5_context context,
if (ret)
return ret;
}
}
kdc_flags.b = int2KDCOptions(flags);