Return-Path: Received: from pch.mit.edu (PCH.MIT.EDU [18.7.21.90]) by krbdev.mit.edu (Postfix) with ESMTP id B56B83DECC; Mon, 14 Jun 2010 16:01:04 -0400 (EDT) Received: from pch.mit.edu (pch.mit.edu [127.0.0.1]) by pch.mit.edu (8.13.6/8.12.8) with ESMTP id o5EK14u1030974; Mon, 14 Jun 2010 16:01:04 -0400 Received: from mailhub-dmz-4.mit.edu (MAILHUB-DMZ-4.MIT.EDU [18.7.62.38]) by pch.mit.edu (8.13.6/8.12.8) with ESMTP id o5EJKwqk023757 for ; Mon, 14 Jun 2010 15:20:58 -0400 Received: from dmz-mailsec-scanner-4.mit.edu (DMZ-MAILSEC-SCANNER-4.MIT.EDU [18.9.25.15]) by mailhub-dmz-4.mit.edu (8.13.8/8.9.2) with ESMTP id o5EJKlbw017241 for ; Mon, 14 Jun 2010 15:20:58 -0400 X-Auditid: 1209190f-b7b20ae000003f85-21-4c16811af91f Received: from seraph.oankali.net (seraph.oankali.net [209.9.237.222]) by dmz-mailsec-scanner-4.mit.edu (Symantec Brightmail Gateway) with SMTP id 64.41.16261.A11861C4; Mon, 14 Jun 2010 15:20:58 -0400 (EDT) Received: from seraph.oankali.net (seraph.oankali.net [209.9.237.222]) (authenticated bits=0) by seraph.oankali.net (8.13.8/8.13.8/Debian-3) with ESMTP id o5EJGfwe030057 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 14 Jun 2010 15:16:42 -0400 X-Return-Path: X-Received: from seraph.oankali.net ([unix socket]) by seraph.oankali.net (Cyrus v2.1.18-IPv6-Debian-2.1.18-5.1) with LMTP; Wed, 09 Jun 2010 17:29:42 -0400 X-Sieve: CMU Sieve 2.2 X-Return-Path: X-Received: from mail-vw0-f46.google.com (mail-vw0-f46.google.com [209.85.212.46]) by seraph.oankali.net (8.13.8/8.13.8/Debian-3) with ESMTP id o59LTeY8032428 for ; Wed, 9 Jun 2010 17:29:41 -0400 X-Received: by vws17 with SMTP id 17so4017966vws.33 for ; Wed, 09 Jun 2010 14:33:54 -0700 (PDT) X-Received: by 10.224.66.30 with SMTP id l30mr2680883qai.381.1276119233515; Wed, 09 Jun 2010 14:33:53 -0700 (PDT) X-Forwarded-To: res@seraph.oankali.net X-Forwarded-For: res@qoxp.net res@seraph.oankali.net X-Delivered-To: res+sent@qoxp.net X-Received: by 10.229.74.76 with SMTP id t12cs216255qcj; Wed, 9 Jun 2010 14:33:52 -0700 (PDT) X-Received: by 10.227.127.132 with SMTP id g4mr3155499wbs.177.1276119231601; Wed, 09 Jun 2010 14:33:51 -0700 (PDT) X-Received: from seraph.oankali.net (seraph.oankali.net [209.9.237.222]) by mx.google.com with ESMTP id e9si21160814wbb.38.2010.06.09.14.33.49; Wed, 09 Jun 2010 14:33:50 -0700 (PDT) Received-SPF: fail (google.com: domain of res@qoxp.net does not designate 209.9.237.222 as permitted sender) client-ip=209.9.237.222; Authentication-Results: mx.google.com; spf=hardfail (google.com: domain of res@qoxp.net does not designate 209.9.237.222 as permitted sender) smtp.mail=res@qoxp.net X-Received: from darwin.oankali.net (darwin.oankali.net [98.113.78.28]) by seraph.oankali.net (8.13.8/8.13.8/Debian-3) with ESMTP id o59LTVVQ032419 for ; Wed, 9 Jun 2010 17:29:33 -0400 X-Received: by darwin.oankali.net (Postfix, from userid 501) id 63C0B5CF793; Wed, 9 Jun 2010 17:33:45 -0400 (EDT) Newsgroups: comp.protocols.kerberos Subject: bug report: "too many SRV records" becomes "no SRV records" From: "Richard E. Silverman" Date: Wed, 09 Jun 2010 17:33:44 -0400 Message-ID: User-Agent: Gnus/5.11 (Gnus v5.11) Emacs/22.1 (darwin) Cancel-Lock: sha1:71If8q123VMTaTkkUmPOhL+vsXI= MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Posted-To: comp.protocols.kerberos To: undisclosed-recipients:; Resent-Date: Mon, 14 Jun 2010 15:16:16 -0400 (EDT) Resent-From: "Richard E. Silverman" Resent-To: krb5-bugs@mit.edu Resent-Subject: bug report: "too many SRV records" becomes "no SRV records" Resent-Message-ID: X-Brightmail-Tracker: AAAAAhSi4FQUox7X X-Mailman-Approved-At: Mon, 14 Jun 2010 16:01:02 -0400 X-Beenthere: krb5-bugs-incoming@mailman.mit.edu X-Mailman-Version: 2.1.6 Precedence: list Sender: krb5-bugs-incoming-bounces@PCH.mit.edu Errors-To: krb5-bugs-incoming-bounces@PCH.mit.edu X-RT-Original-Encoding: us-ascii Content-Length: 688 The following message is a courtesy copy of an article that has been posted to comp.protocols.kerberos as well. In 1.8.1, there is the following code in src/lib/krb5/os/dnsglue.c: krb5int_dns_init(struct krb5int_dns_state **dsp, char *host, int nclass, int ntype) { ... nextincr = 2048; maxincr = INT_MAX; ... One day, due to an error, the number of KDC SRV records for one of our realms doubled from 27 to 54... and KDC lookups via DNS prompty broke. I bumped up the nextincr value above, and it started working again. Probably not the right fix, but just letting you know that there's a bug here. -- Richard Silverman res@qoxp.net