diff --git a/lib/gssapi/gssapi/gssapi_krb5.h b/lib/gssapi/gssapi/gssapi_krb5.h
index f4a5fc7d6..d522a0f6b 100644
--- a/lib/gssapi/gssapi/gssapi_krb5.h
+++ b/lib/gssapi/gssapi/gssapi_krb5.h
@@ -117,6 +117,9 @@ gsskrb5_extract_authz_data_from_sec_context
 OM_uint32
 gss_krb5_compat_des3_mic(OM_uint32 *, gss_ctx_id_t, int);
 
+OM_uint32
+gsskrb5_set_dns_canonlize(int);
+
 /*
  * Lucid - NFSv4 interface to GSS-API KRB5 to expose key material to
  * do GSS content token handling in-kernel.
diff --git a/lib/gssapi/mech/gss_krb5.c b/lib/gssapi/mech/gss_krb5.c
index fd59abb08..f00e00019 100644
--- a/lib/gssapi/mech/gss_krb5.c
+++ b/lib/gssapi/mech/gss_krb5.c
@@ -203,6 +203,31 @@ gsskrb5_register_acceptor_identity(const char *identity)
 	return (GSS_S_COMPLETE);
 }
 
+OM_uint32
+gsskrb5_set_dns_canonlize(int flag)
+{
+        struct _gss_mech_switch	*m;
+	gss_buffer_desc buffer;
+	OM_uint32 junk;
+	char b = (flag != 0);
+
+	_gss_load_mech();
+
+	buffer.value = &b;
+	buffer.length = sizeof(b);
+
+	SLIST_FOREACH(m, &_gss_mechs, gm_link) {
+		if (m->gm_mech.gm_set_sec_context_option == NULL)
+			continue;
+		m->gm_mech.gm_set_sec_context_option(&junk, NULL,
+		    GSS_KRB5_REGISTER_ACCEPTOR_IDENTITY_X, &buffer);
+	}
+
+	return (GSS_S_COMPLETE);
+}
+
+
+
 static krb5_error_code
 set_key(krb5_keyblock *keyblock, gss_krb5_lucid_key_t *key)
 {