s3-libads Pass a struct sockaddr_storage to cldap routines

This avoids these routines doing a DNS lookup that has already been
done, and ensures that the emulated DNS lookup isn't thrown away.

Andrew Bartlett

source3/libads/cldap.c

@@ -30,7 +30,7 @@
 *******************************************************************/
 
 bool ads_cldap_netlogon(TALLOC_CTX *mem_ctx,
-			const char *server,
+			struct sockaddr_storage *ss,
 			const char *realm,
 			uint32_t nt_version,
 			struct netlogon_samlogon_response **_reply)
@@ -39,18 +39,12 @@ bool ads_cldap_netlogon(TALLOC_CTX *mem_ctx,
 	struct cldap_netlogon io;
 	struct netlogon_samlogon_response *reply;
 	NTSTATUS status;
-	struct sockaddr_storage ss;
 	char addrstr[INET6_ADDRSTRLEN];
 	const char *dest_str;
 	int ret;
 	struct tsocket_address *dest_addr;
 
-	if (!interpret_string_addr_prefer_ipv4(&ss, server, 0)) {
-		DEBUG(2,("Failed to resolve[%s] into an address for cldap\n",
-			server));
-		return false;
-	}
-	dest_str = print_sockaddr(addrstr, sizeof(addrstr), &ss);
+	dest_str = print_sockaddr(addrstr, sizeof(addrstr), ss);
 
 	ret = tsocket_address_inet_from_strings(mem_ctx, "ip",
 						dest_str, LDAP_PORT,
@@ -113,7 +107,7 @@ failed:
 *******************************************************************/
 
 bool ads_cldap_netlogon_5(TALLOC_CTX *mem_ctx,
-			  const char *server,
+			  struct sockaddr_storage *ss,
 			  const char *realm,
 			  struct NETLOGON_SAM_LOGON_RESPONSE_EX *reply5)
 {
@@ -121,7 +115,7 @@ bool ads_cldap_netlogon_5(TALLOC_CTX *mem_ctx,
 	struct netlogon_samlogon_response *reply = NULL;
 	bool ret;
 
-	ret = ads_cldap_netlogon(mem_ctx, server, realm, nt_version, &reply);
+	ret = ads_cldap_netlogon(mem_ctx, ss, realm, nt_version, &reply);
 	if (!ret) {
 		return false;
 	}

source3/libads/cldap.h

@@ -2,11 +2,11 @@
 
 /* The following definitions come from libads/cldap.c  */
 bool ads_cldap_netlogon(TALLOC_CTX *mem_ctx,
-			const char *server,
+			struct sockaddr_storage *ss,
 			const char *realm,
 			uint32_t nt_version,
 			struct netlogon_samlogon_response **reply);
 bool ads_cldap_netlogon_5(TALLOC_CTX *mem_ctx,
-			  const char *server,
+			  struct sockaddr_storage *ss,
 			  const char *realm,
 			  struct NETLOGON_SAM_LOGON_RESPONSE_EX *reply5);

source3/libads/ldap.c

@@ -196,45 +196,32 @@ bool ads_closest_dc(ADS_STRUCT *ads)
  */
 static bool ads_try_connect(ADS_STRUCT *ads, const char *server, bool gc)
 {
-	char *srv;
 	struct NETLOGON_SAM_LOGON_RESPONSE_EX cldap_reply;
 	TALLOC_CTX *frame = talloc_stackframe();
 	bool ret = false;
+	struct sockaddr_storage ss;
+	char addr[INET6_ADDRSTRLEN];
 
 	if (!server || !*server) {
 		TALLOC_FREE(frame);
 		return False;
 	}
 
-	if (!is_ipaddress(server)) {
-		struct sockaddr_storage ss;
-		char addr[INET6_ADDRSTRLEN];
-
-		if (!resolve_name(server, &ss, 0x20, true)) {
-			DEBUG(5,("ads_try_connect: unable to resolve name %s\n",
-				server ));
-			TALLOC_FREE(frame);
-			return false;
-		}
-		print_sockaddr(addr, sizeof(addr), &ss);
-		srv = talloc_strdup(frame, addr);
-	} else {
-		/* this copes with inet_ntoa brokenness */
-		srv = talloc_strdup(frame, server);
-	}
-
-	if (!srv) {
+	if (!resolve_name(server, &ss, 0x20, true)) {
+		DEBUG(5,("ads_try_connect: unable to resolve name %s\n",
+			 server ));
 		TALLOC_FREE(frame);
 		return false;
 	}
+	print_sockaddr(addr, sizeof(addr), &ss);
 
 	DEBUG(5,("ads_try_connect: sending CLDAP request to %s (realm: %s)\n", 
-		srv, ads->server.realm));
+		addr, ads->server.realm));
 
 	ZERO_STRUCT( cldap_reply );
 
-	if ( !ads_cldap_netlogon_5(frame, srv, ads->server.realm, &cldap_reply ) ) {
-		DEBUG(3,("ads_try_connect: CLDAP request %s failed.\n", srv));
+	if ( !ads_cldap_netlogon_5(frame, &ss, ads->server.realm, &cldap_reply ) ) {
+		DEBUG(3,("ads_try_connect: CLDAP request %s failed.\n", addr));
 		ret = false;
 		goto out;
 	}
@@ -243,7 +230,7 @@ static bool ads_try_connect(ADS_STRUCT *ads, const char *server, bool gc)
 
 	if ( !(cldap_reply.server_type & NBT_SERVER_LDAP) ) {
 		DEBUG(1,("ads_try_connect: %s's CLDAP reply says it is not an LDAP server!\n",
-			srv));
+			addr));
 		ret = false;
 		goto out;
 	}
@@ -273,13 +260,7 @@ static bool ads_try_connect(ADS_STRUCT *ads, const char *server, bool gc)
 	ads->server.workgroup          = SMB_STRDUP(cldap_reply.domain_name);
 
 	ads->ldap.port = gc ? LDAP_GC_PORT : LDAP_PORT;
-	if (!interpret_string_addr(&ads->ldap.ss, srv, 0)) {
-		DEBUG(1,("ads_try_connect: unable to convert %s "
-			"to an address\n",
-			srv));
-		ret = false;
-		goto out;
-	}
+	ads->ldap.ss = ss;
 
 	/* Store our site name. */
 	sitename_store( cldap_reply.domain_name, cldap_reply.client_site);

source3/libsmb/dsgetdcname.c

@@ -861,9 +861,10 @@ static NTSTATUS process_dc_dns(TALLOC_CTX *mem_ctx,
 
 	for (i=0; i<num_dcs; i++) {
 
+
 		DEBUG(10,("LDAP ping to %s\n", dclist[i].hostname));
 
-		if (ads_cldap_netlogon(mem_ctx, dclist[i].hostname,
+		if (ads_cldap_netlogon(mem_ctx, &dclist[i].ss,
 					domain_name,
 					nt_version,
 					&r))

source3/utils/net_ads.c

@@ -60,7 +60,8 @@ static int net_ads_cldap_netlogon(struct net_context *c, ADS_STRUCT *ads)
 	struct NETLOGON_SAM_LOGON_RESPONSE_EX reply;
 
 	print_sockaddr(addr, sizeof(addr), &ads->ldap.ss);
-	if ( !ads_cldap_netlogon_5(talloc_tos(), addr, ads->server.realm, &reply ) ) {
+
+	if ( !ads_cldap_netlogon_5(talloc_tos(), &ads->ldap.ss, ads->server.realm, &reply ) ) {
 		d_fprintf(stderr, _("CLDAP query failed!\n"));
 		return -1;
 	}
@@ -383,7 +384,6 @@ int net_ads_check(struct net_context *c)
 static int net_ads_workgroup(struct net_context *c, int argc, const char **argv)
 {
 	ADS_STRUCT *ads;
-	char addr[INET6_ADDRSTRLEN];
 	struct NETLOGON_SAM_LOGON_RESPONSE_EX reply;
 
 	if (c->display_usage) {
@@ -405,8 +405,7 @@ static int net_ads_workgroup(struct net_context *c, int argc, const char **argv)
 		ads->ldap.port = 389;
 	}
 
-	print_sockaddr(addr, sizeof(addr), &ads->ldap.ss);
-	if ( !ads_cldap_netlogon_5(talloc_tos(), addr, ads->server.realm, &reply ) ) {
+	if ( !ads_cldap_netlogon_5(talloc_tos(), &ads->ldap.ss, ads->server.realm, &reply ) ) {
 		d_fprintf(stderr, _("CLDAP query failed!\n"));
 		ads_destroy(&ads);
 		return -1;

source3/winbindd/idmap_adex/gc_util.c

@@ -107,6 +107,7 @@ done:
 	NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
 	struct NETLOGON_SAM_LOGON_RESPONSE_EX cldap_reply;
 	TALLOC_CTX *frame = talloc_stackframe();
+	struct sockaddr_storage ss;
 
 	if (!gc || !domain) {
 		return NT_STATUS_INVALID_PARAMETER;
@@ -126,8 +127,17 @@ done:
 	nt_status = ads_ntstatus(ads_status);
 	BAIL_ON_NTSTATUS_ERROR(nt_status);
 
+	if (!resolve_name(ads->config.ldap_server_name, &ss, 0x20, true)) {
+		DEBUG(5,("gc_find_forest_root: unable to resolve name %s\n",
+			 ads->config.ldap_server_name));
+		nt_status = NT_STATUS_IO_TIMEOUT;
+		/* This matches the old code which did the resolve in
+		 * ads_cldap_netlogon_5 */
+		BAIL_ON_NTSTATUS_ERROR(nt_status);
+	}
+
 	if (!ads_cldap_netlogon_5(frame,
-				  ads->config.ldap_server_name,
+				  &ss,
 				  ads->config.realm,
 				  &cldap_reply))
 	{