From ced712f1a1d60d5e24d207d97efbc4dddc051079 Mon Sep 17 00:00:00 2001
From: Stephen Frost <sfrost@snowman.net>
Date: Fri, 7 Apr 2023 19:36:25 -0400
Subject: [PATCH] For Kerberos testing, disable DNS lookups

Similar to 8dff2f224, this disables DNS lookups by the Kerberos library
to look up the KDC and the realm while the Kerberos tests are running.
In some environments, these lookups can take a long time and end up
timing out and causing tests to fail.  Further, since this isn't really
our domain, we shouldn't be sending out these DNS requests during our
tests.
---
 src/test/kerberos/t/001_auth.pl | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/src/test/kerberos/t/001_auth.pl b/src/test/kerberos/t/001_auth.pl
index ec24db48ed2..64117c24193 100644
--- a/src/test/kerberos/t/001_auth.pl
+++ b/src/test/kerberos/t/001_auth.pl
@@ -103,6 +103,11 @@ $krb5_version = $1;
 # that information in DNS, and also because we're using a
 # non-standard KDC port.
 #
+# Also explicitly disable DNS lookups since this isn't really
+# our domain and we shouldn't be causing random DNS requests
+# to be sent out (not to mention that broken DNS environments
+# can cause the tests to take an extra long time and timeout).
+#
 # Reverse DNS is explicitly disabled to avoid any issue with a
 # captive portal or other cases where the reverse DNS succeeds
 # and the Kerberos library uses that as the canonical name of
@@ -114,6 +119,8 @@ default = FILE:$krb5_log
 kdc = FILE:$kdc_log
 
 [libdefaults]
+dns_lookup_realm = false
+dns_lookup_kdc = false
 default_realm = $realm
 rdns = false