mirror of
https://github.com/samba-team/samba.git
synced 2024-12-23 17:34:34 +03:00
r17929: Ok, I think I finally figured out where to put
the code to redo the CLDAP query to restrict DC DNS lookups to the sitename. Jerry, please check to stop me going insane :-). Jeremy.
This commit is contained in:
parent
ab3f0c5b1e
commit
8d22cc1115
@ -604,7 +604,7 @@ BOOL sitename_store(const char *sitename)
|
||||
Caller must free.
|
||||
****************************************************************************/
|
||||
|
||||
static char *sitename_fetch(void)
|
||||
char *sitename_fetch(void)
|
||||
{
|
||||
char *sitename = NULL;
|
||||
time_t timeout;
|
||||
@ -624,6 +624,25 @@ static char *sitename_fetch(void)
|
||||
return sitename;
|
||||
}
|
||||
|
||||
/****************************************************************************
|
||||
Did the sitename change ?
|
||||
****************************************************************************/
|
||||
|
||||
BOOL sitename_changed(const char *sitename)
|
||||
{
|
||||
BOOL ret = False;
|
||||
char *new_sitename = sitename_fetch();
|
||||
|
||||
if (sitename && new_sitename && !strequal(sitename, new_sitename)) {
|
||||
ret = True;
|
||||
} else if ((sitename && !new_sitename) ||
|
||||
(!sitename && new_sitename)) {
|
||||
ret = True;
|
||||
}
|
||||
SAFE_FREE(new_sitename);
|
||||
return ret;
|
||||
}
|
||||
|
||||
/********************************************************************
|
||||
Query with optional sitename.
|
||||
********************************************************************/
|
||||
|
@ -26,34 +26,65 @@
|
||||
#include "includes.h"
|
||||
|
||||
/**************************************************************************
|
||||
Find the name and IP address for a server in he realm/domain
|
||||
Find the name and IP address for a server in the realm/domain
|
||||
*************************************************************************/
|
||||
|
||||
static BOOL ads_dc_name(const char *domain, const char *realm, struct in_addr *dc_ip, fstring srv_name)
|
||||
static BOOL ads_dc_name(const char *domain,
|
||||
const char *realm,
|
||||
struct in_addr *dc_ip,
|
||||
fstring srv_name)
|
||||
{
|
||||
ADS_STRUCT *ads;
|
||||
char *sitename = sitename_fetch();
|
||||
int i;
|
||||
|
||||
if (!realm && strequal(domain, lp_workgroup()))
|
||||
realm = lp_realm();
|
||||
|
||||
ads = ads_init(realm, domain, NULL);
|
||||
if (!ads)
|
||||
return False;
|
||||
/* Try this 3 times then give up. */
|
||||
for( i =0 ; i < 3; i++) {
|
||||
ads = ads_init(realm, domain, NULL);
|
||||
if (!ads) {
|
||||
SAFE_FREE(sitename);
|
||||
return False;
|
||||
}
|
||||
|
||||
DEBUG(4,("ads_dc_name: domain=%s\n", domain));
|
||||
DEBUG(4,("ads_dc_name: domain=%s\n", domain));
|
||||
|
||||
#ifdef HAVE_ADS
|
||||
/* we don't need to bind, just connect */
|
||||
ads->auth.flags |= ADS_AUTH_NO_BIND;
|
||||
|
||||
ads_connect(ads);
|
||||
/* we don't need to bind, just connect */
|
||||
ads->auth.flags |= ADS_AUTH_NO_BIND;
|
||||
ads_connect(ads);
|
||||
#endif
|
||||
|
||||
if (!ads->config.realm) {
|
||||
if (!ads->config.realm) {
|
||||
SAFE_FREE(sitename);
|
||||
ads_destroy(&ads);
|
||||
return False;
|
||||
}
|
||||
|
||||
/* Now we've found a server, see if our sitename
|
||||
has changed. If so, we need to re-do the query
|
||||
to ensure we only find servers in our site. */
|
||||
|
||||
if (!sitename_changed(sitename)) {
|
||||
break;
|
||||
}
|
||||
|
||||
ads_destroy(&ads);
|
||||
}
|
||||
|
||||
|
||||
if (i == 3) {
|
||||
DEBUG(1,("ads_dc_name: sitename (now %s) keeps changing ???\n",
|
||||
sitename));
|
||||
SAFE_FREE(sitename);
|
||||
ads_destroy(&ads);
|
||||
return False;
|
||||
}
|
||||
|
||||
SAFE_FREE(sitename);
|
||||
|
||||
fstrcpy(srv_name, ads->config.ldap_server_name);
|
||||
strupper_m(srv_name);
|
||||
*dc_ip = ads->ldap_ip;
|
||||
@ -157,4 +188,3 @@ BOOL get_dc_name(const char *domain, const char *realm, fstring srv_name, struct
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user