diff options
| -rw-r--r-- | src/lib/krb5/krb/ChangeLog | 8 | ||||
| -rw-r--r-- | src/lib/krb5/krb/gic_keytab.c | 4 | ||||
| -rw-r--r-- | src/lib/krb5/krb/gic_pwd.c | 6 |
3 files changed, 14 insertions, 4 deletions
diff --git a/src/lib/krb5/krb/ChangeLog b/src/lib/krb5/krb/ChangeLog index 59d8765aa..080e39375 100644 --- a/src/lib/krb5/krb/ChangeLog +++ b/src/lib/krb5/krb/ChangeLog @@ -1,3 +1,11 @@ +2000-04-07 Jeffrey Altman <jaltman@columbia.edu> + + * gic_pwd.c (krb5_get_init_creds_keytab), gic_pwd.c (krb5_get_init_creds_password) + when determining whether or not to retry with a "master kdc" do not retry if + the return value from the first attempt was KRB5_REALM_CANT_RESOLV. Also, do + not overwrite the return code if the return value from the access to the "master + kdc" was KRB5_REALM_CANT_RESOLV. + 2000-03-15 Danilo Almeida <dalmeida@mit.edu> * init_ctx.c (init_common), gic_pwd.c (krb5_get_as_key_password, diff --git a/src/lib/krb5/krb/gic_keytab.c b/src/lib/krb5/krb/gic_keytab.c index ad33fb990..98bbbd0f8 100644 --- a/src/lib/krb5/krb/gic_keytab.c +++ b/src/lib/krb5/krb/gic_keytab.c @@ -87,7 +87,7 @@ krb5_get_init_creds_keytab(context, creds, client, arg_keytab, /* If all the kdc's are unavailable fail */ - if (ret == KRB5_KDC_UNREACH) + if ((ret == KRB5_KDC_UNREACH) || (ret == KRB5_REALM_CANT_RESOLVE)) goto cleanup; /* if the reply did not come from the master kdc, try again with @@ -109,7 +109,7 @@ krb5_get_init_creds_keytab(context, creds, client, arg_keytab, /* if the master is unreachable, return the error from the slave we were able to contact */ - if (ret2 == KRB5_KDC_UNREACH) + if ((ret2 == KRB5_KDC_UNREACH) || (ret == KRB5_REALM_CANT_RESOLVE)) goto cleanup; ret = ret2; diff --git a/src/lib/krb5/krb/gic_pwd.c b/src/lib/krb5/krb/gic_pwd.c index 8debaee02..86a1480ea 100644 --- a/src/lib/krb5/krb/gic_pwd.c +++ b/src/lib/krb5/krb/gic_pwd.c @@ -144,7 +144,8 @@ krb5_get_init_creds_password(context, creds, client, password, prompter, data, user interrupt, fail */ if ((ret == KRB5_KDC_UNREACH) || - (ret == KRB5_LIBOS_PWDINTR)) + (ret == KRB5_LIBOS_PWDINTR) || + (ret == KRB5_REALM_CANT_RESOLVE)) goto cleanup; /* if the reply did not come from the master kdc, try again with @@ -166,7 +167,8 @@ krb5_get_init_creds_password(context, creds, client, password, prompter, data, /* if the master is unreachable, return the error from the slave we were able to contact */ - if (ret2 == KRB5_KDC_UNREACH) + if ((ret2 == KRB5_KDC_UNREACH) || + (ret2 == KRB5_REALM_CANT_RESOLVE)) goto cleanup; ret = ret2; |