This service will be undergoing maintenance at 00:00 UTC, 2017-10-23 It is expected to last about 30 minutes
Bug 1248721 - RFE: kpasswd&co. should use TCP by default
RFE: kpasswd&co. should use TCP by default
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: krb5 (Show other bugs)
Unspecified Unspecified
unspecified Severity unspecified
: rc
: ---
Assigned To: Robbie Harwood
BaseOS QE Security Team
: FutureFeature
Depends On:
  Show dependency treegraph
Reported: 2015-07-30 12:53 EDT by Roland Mainz
Modified: 2016-01-07 12:45 EST (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2016-01-07 12:45:43 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Roland Mainz 2015-07-30 12:53:05 EDT
[More or less as fallout from]
RFE: kpasswd&co. should use TCP by default and fall-back to UDP, based on what is configured in the krb5 configuration (in krb5 1.13.x we default to TCP).

Right now we use a weird algorithm which tries UDP first and only switch to TCP if we it certain UDP error conditions. IMHO we should stop sniffing and probing around and just do what the config says...
Comment 3 Robbie Harwood 2015-09-10 14:20:13 EDT
Adding upstream ticket.
Comment 5 Robbie Harwood 2016-01-07 12:45:43 EST
krb5 prefers UDP for everything, including kpasswd.  Even if we end up needing the TCP logic, we only eat one round-trip before falling back to that anyway.  Further, my understanding is that this is configurable.

If upstream changes their position (see URL), we can revisit this; otherwise, I believe it safe to close.

Note You need to log in before you can comment on or make changes to this bug.