566c86a disable hostname canonicalization by Kerberos library

Authored and Committed by mbabinsk 7 years ago
    disable hostname canonicalization by Kerberos library
    
    By default, Kerberos client library attempts to canonicalize service
    hostname in TGS requests. This can fail e.g. if hosts file on the client
    machine references short names before FQDNs. In this case the short name
    is used in TGS_REQ which KDC fails to resolve.
    
    Since we do not (yet) support referencing hosts by their short names it
    is safe to just disable this behavior in krb5.conf and use supplied
    FQDNs.
    
    https://fedorahosted.org/freeipa/ticket/6584
    
    Reviewed-By: Tomas Krizek <tkrizek@redhat.com>
    Reviewed-By: Simo Sorce <ssorce@redhat.com>
    
        
file modified
+1 -0