dotnet/Kerberos.NET

`Krb5Config.CurrentUser()` fails if `libdefaults.dns_canonicalize_hostname` is "fallback"

MageFroh opened this issue · 1 comments

Describe the bug
On my Linux machine (Red Hat Enterprise Linux 9), in `/etc/krb5.conf`, `libdefaults.dns_canonicalize_hostname` has value `fallback`.

It looks like it's something new: the krb5.conf man page mentions for dns_canonicalize_hostname:

> If this option is set to fallback (new in release 1.18), DNS canonicalization will only be performed the server hostname is not found with the original name when requesting credentials.

To Reproduce
On such a machine, call `Krb5Config.CurrentUser()`.
This throws `System.ArgumentException: Property libdefaults.dns_canonicalize_hostname could not be set.`

```
   at Kerberos.NET.Configuration.ConfigurationSectionList.CreateInstance(Type propertyType, String baseName) in D:\a\1\s\Kerberos.NET\Configuration\ConfigurationSectionList.cs:line 682
   at Kerberos.NET.Configuration.ConfigurationSectionList.SetPropertyValue(Krb5Config config, PropertyInfo property) in D:\a\1\s\Kerberos.NET\Configuration\ConfigurationSectionList.cs:line 599
   at Kerberos.NET.Configuration.ConfigurationSectionList.ToConfigObject(Krb5Config config) in D:\a\1\s\Kerberos.NET\Configuration\ConfigurationSectionList.cs:line 324
   at Kerberos.NET.Configuration.Krb5Config.CurrentUser(String path) in D:\a\1\s\Kerberos.NET\Configuration\Krb5Config.cs:line 122
```

Expected behavior
A Krb5Config instance is returned.

Additional context
It looks like dns_canonicalize_hostname=fallback is the default for what RHEL 9 installs: this section of the file was not customised.

Yep, that's going to fail parsing. Looks like we treat it internally as a bool and fallback is rightfully not a valid boolean string value. Might be a bit before I can tackle this, but PRs are welcome. My initial proposal would be to switch it to something like an enum.

```csharp
public enum DnsCanonicalization
{
    False,
    True,
    Fallback
}
```
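
A sketch of how a tri-state parse along the lines of the proposed enum could look, added here as an example and not taken from Kerberos.NET. The `DnsCanonicalizationParser` and `Demo` names are hypothetical, and the accepted boolean spellings are an assumption modelled on MIT krb5's profile parser.

```csharp
using System;
using System.Collections.Generic;

// Added illustration, not Kerberos.NET source. Enum shape follows the proposal above.
public enum DnsCanonicalization { False, True, Fallback }

public static class DnsCanonicalizationParser
{
    // Assumption: boolean spellings follow MIT krb5's profile parser, case-insensitively.
    private static readonly HashSet<string> Yes =
        new HashSet<string>(StringComparer.OrdinalIgnoreCase) { "y", "yes", "true", "t", "1", "on" };
    private static readonly HashSet<string> No =
        new HashSet<string>(StringComparer.OrdinalIgnoreCase) { "n", "no", "false", "nil", "0", "off" };

    // Returns false for unrecognized text so the caller can report the one bad
    // setting instead of failing the whole configuration load.
    public static bool TryParse(string raw, out DnsCanonicalization value)
    {
        string v = (raw ?? string.Empty).Trim();
        value = DnsCanonicalization.False;
        if (Yes.Contains(v)) { value = DnsCanonicalization.True; return true; }
        if (No.Contains(v)) { return true; }
        if (v.Equals("fallback", StringComparison.OrdinalIgnoreCase))
        {
            value = DnsCanonicalization.Fallback;
            return true;
        }
        return false;
    }
}

public static class Demo
{
    public static void Main()
    {
        // Constructed sample values, as they might appear after "dns_canonicalize_hostname =".
        string[] samples = { "fallback", "true", "False", " off ", "sometimes" };
        foreach (string raw in samples)
        {
            string result = DnsCanonicalizationParser.TryParse(raw, out DnsCanonicalization parsed)
                ? parsed.ToString()
                : "unrecognized (caller chooses a default and logs it)";
            Console.WriteLine($"dns_canonicalize_hostname = {raw.Trim()} -> {result}");
        }
    }
}
```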