1 files changed, 41 insertions, 13 deletions

diff --git a/src/util/domain_info_utils.c b/src/util/domain_info_utils.c
index 1aacfa283..3a3f5130a 100644
--- a/src/util/domain_info_utils.c
+++ b/src/util/domain_info_utils.c
@@ -734,15 +734,14 @@ done:
 #endif
 }
 
-#define KRB5_LIBDEFAUTLS_CONFIG \
-"[libdefaults]\n" \
-" canonicalize = true\n"
-
-static errno_t sss_write_krb5_libdefaults_snippet(const char *path)
+static errno_t sss_write_krb5_libdefaults_snippet(const char *path,
+                                                  bool canonicalize,
+                                                  bool udp_limit)
 {
     int ret;
     TALLOC_CTX *tmp_ctx = NULL;
     const char *file_name;
+    char *file_contents;
 
     tmp_ctx = talloc_new(NULL);
     if (tmp_ctx == NULL) {
@@ -760,7 +759,37 @@ static errno_t sss_write_krb5_libdefaults_snippet(const char *path)
     DEBUG(SSSDBG_FUNC_DATA, "File for KRB5 kibdefaults configuration is [%s]\n",
                              file_name);
 
-    ret = sss_write_krb5_snippet_common(file_name, KRB5_LIBDEFAUTLS_CONFIG);
+    file_contents = talloc_strdup(tmp_ctx, "[libdefaults]\n");
+    if (file_contents == NULL) {
+        DEBUG(SSSDBG_OP_FAILURE,
+              "talloc_asprintf failed while creating the content\n");
+        ret = ENOMEM;
+        goto done;
+    }
+
+    if (canonicalize == true) {
+        file_contents = talloc_asprintf_append(file_contents,
+                                               " canonicalize = true\n");
+        if (file_contents == NULL) {
+            DEBUG(SSSDBG_OP_FAILURE,
+                  "talloc_asprintf failed while appending to the content\n");
+            ret = ENOMEM;
+            goto done;
+        }
+    }
+
+    if (udp_limit == true) {
+        file_contents = talloc_asprintf_append(file_contents,
+                                               " udp_preference_limit = 0\n");
+        if (file_contents == NULL) {
+            DEBUG(SSSDBG_OP_FAILURE,
+                  "talloc_asprintf failed while appending to the content\n");
+            ret = ENOMEM;
+            goto done;
+        }
+    }
+
+    ret = sss_write_krb5_snippet_common(file_name, file_contents);
     if (ret != EOK) {
         DEBUG(SSSDBG_OP_FAILURE, "sss_write_krb5_snippet_common failed.\n");
         goto done;
@@ -772,7 +801,8 @@ done:
     return ret;
 }
 
-errno_t sss_write_krb5_conf_snippet(const char *path, bool canonicalize)
+errno_t sss_write_krb5_conf_snippet(const char *path, bool canonicalize,
+                                    bool udp_limit)
 {
     errno_t ret;
     errno_t err;
@@ -794,12 +824,10 @@ errno_t sss_write_krb5_conf_snippet(const char *path, bool canonicalize)
         goto done;
     }
 
-    if (canonicalize) {
-        ret = sss_write_krb5_libdefaults_snippet(path);
-        if (ret != EOK) {
-            DEBUG(SSSDBG_OP_FAILURE, "sss_write_krb5_libdefaults_snippet failed.\n");
-            goto done;
-        }
+    ret = sss_write_krb5_libdefaults_snippet(path, canonicalize, udp_limit);
+    if (ret != EOK) {
+        DEBUG(SSSDBG_OP_FAILURE, "sss_write_krb5_libdefaults_snippet failed.\n");
+        goto done;
     }
 
     ret = EOK;