[39063] in Kerberos
Re: KDC timeout for MIT Kerberos?
daemon@ATHENA.MIT.EDU (Greg Hudson)
Thu Feb 10 00:51:39 2022
To: Russ Allbery <eagle@eyrie.org>, <kerberos@mit.edu>
From: Greg Hudson <ghudson@mit.edu>
Message-ID: <3be8d554-d775-be04-0c56-f2e7c0cd2f74@mit.edu>
Date: Thu, 10 Feb 2022 00:47:54 -0500
MIME-Version: 1.0
In-Reply-To: <87sfsskk0j.fsf@hope.eyrie.org>
Content-Language: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
On 2/9/22 12:49 PM, Russ Allbery wrote:
> My understanding is that Heimdal supports the kdc_timeout configuration
> option in krb5.conf, but I don't see an equivalent for MIT Kerberos. Is
> there any way for the application or for the user to control how long it
> takes for the library to decide that it's not going to get a reply from
> the KDC and fail the krb5_get_init_creds_password attempt?
There's no configuration setting. An application can install a send
hook (krb5_set_kdc_send_hook()), but that would require reimplementing a
lot of logic just to change the timeout.
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
