From: | ghudson@mit.edu |
Subject: | git commit |
Support site-local KDC discovery via DNS
Add the sitename realm variable. If set, service location via DNS
will be attempted using the site name as specified in [MS-ADTS]
6.3.2.3, falling back to regular discovery on failure.
[ghudson@mit.edu: made this strictly a realm variable; moved
k5_get_sitename() to locate_kdc.c and made it take a krb5_data input;
fixed a memory leak; corrected documentation changes; fleshed out
commit message]
https://github.com/krb5/krb5/commit/d035119c3b2b402f3ad49a4c7b6264826ea923bb
Author: Nicolas Williams <nico@cryptonector.com>
Committer: Greg Hudson <ghudson@mit.edu>
Commit: d035119c3b2b402f3ad49a4c7b6264826ea923bb
Branch: master
doc/admin/conf_files/krb5_conf.rst | 4 ++++
doc/admin/realm_config.rst | 10 ++++++++++
src/include/k5-int.h | 1 +
src/lib/krb5/os/dnssrv.c | 34 ++++++++++++++++++++++++++++------
src/lib/krb5/os/locate_kdc.c | 31 ++++++++++++++++++++++++++++---
src/lib/krb5/os/os-proto.h | 4 +++-
6 files changed, 74 insertions(+), 10 deletions(-)