sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-02-26 21:57:41 +03:00
Code

ads_connect: Return immediately on a failed GC connection.

Browse Source 
ads_connect_gc() feeds an explicit server to ads_connect().  However, if the
resulting connection fails, the latter function was attempting to find a DC
on its own and continuing the connection.  This resulting in GC searches being
sent over a connection using port 389 which would fail when using the base
search suffix outside of the domain naming context.

The fix is to fail immediately in ads_connect() since the GC lookup ordering
is handled already in ads_connect_gc().
This commit is contained in:
Gerald (Jerry) Carter 2009-01-16 12:06:49 -06:00
parent 57f978d171
commit 073e9f42f0
1 changed files with 14 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
source3/libads/ldap.c
View File

@ -581,9 +581,20 @@ ADS_STATUS ads_connect(ADS_STRUCT *ads)
TALLOC_FREE(s);
}
if (ads->server.ldap_server &&
ads_try_connect(ads, ads->server.ldap_server, ads->server.gc)) {
goto got_connection;
if (ads->server.ldap_server)
{
if (ads_try_connect(ads, ads->server.ldap_server, ads->server.gc)) {
goto got_connection;
}
/* The choice of which GC use is handled one level up in
ads_connect_gc(). If we continue on from here with
ads_find_dc() we will get GC searches on port 389 which
doesn't work. --jerry */
if (ads->server.gc == true) {
return ADS_ERROR(LDAP_OPERATIONS_ERROR);
}
}
ntstatus = ads_find_dc(ads);