Fix bug #8897 - winbind_krb5_locator only returns one IP address.

Reported by Dina_Fine@Dell.com.

Don't ask the DC for an IP list when locating kdc's. Ask for the
name and use getaddrinfo to get all possible addresses instead.
(cherry picked from commit 56b0ec0e91f9af0eb6c109fc1cc300ad5fee3fe6)

diff --git a/nsswitch/winbind_krb5_locator.c b/nsswitch/winbind_krb5_locator.c
index e921caea5939af95213435ddc780b0372b2f0fd6..385a156b945c783ebd98576d78bc0e453ac6c615 100644 (file)
--- a/nsswitch/winbind_krb5_locator.c
+++ b/nsswitch/winbind_krb5_locator.c
@@ -182,7 +182,8 @@ static krb5_error_code smb_krb5_locator_call_cbfunc(const char *name,
                                                    void *cbdata)
 {
        struct addrinfo *out = NULL;
-       int ret;
+       int ret = 0;
+       struct addrinfo *res = NULL;
        int count = 3;
 
        while (count) {
@@ -206,16 +207,25 @@ static krb5_error_code smb_krb5_locator_call_cbfunc(const char *name,
                return KRB5_PLUGIN_NO_HANDLE;
        }
 
-       ret = cbfunc(cbdata, out->ai_socktype, out->ai_addr);
+       for (res = out; res; res = res->ai_next) {
+               if (!res->ai_addr || res->ai_addrlen == 0) {
+                       continue;
+               }
+
+               ret = cbfunc(cbdata, res->ai_socktype, res->ai_addr);
+               if (ret) {
 #ifdef DEBUG_KRB5
-       if (ret) {
-               fprintf(stderr, "[%5u]: smb_krb5_locator_lookup: "
-                       "failed to call callback: %s (%d)\n",
-                       (unsigned int)getpid(), error_message(ret), ret);
-       }
+                       fprintf(stderr, "[%5u]: smb_krb5_locator_lookup: "
+                               "failed to call callback: %s (%d)\n",
+                               (unsigned int)getpid(), error_message(ret), ret);
 #endif
+                       break;
+               }
+       }
 
-       freeaddrinfo(out);
+       if (out) {
+               freeaddrinfo(out);
+       }
        return ret;
 }
 
@@ -257,8 +267,7 @@ static bool ask_winbind(const char *realm, char **dcname)
 
        flags = WBC_LOOKUP_DC_KDC_REQUIRED |
                WBC_LOOKUP_DC_IS_DNS_NAME |
-               WBC_LOOKUP_DC_RETURN_DNS_NAME |
-               WBC_LOOKUP_DC_IP_REQUIRED;
+               WBC_LOOKUP_DC_RETURN_DNS_NAME;
 
        wbc_status = wbcLookupDomainControllerEx(realm, NULL, NULL, flags, &dc_info);
 
@@ -270,12 +279,6 @@ static bool ask_winbind(const char *realm, char **dcname)
                return false;
        }
 
-       if (dc_info->dc_address) {
-               dc = dc_info->dc_address;
-               if (dc[0] == '\\') dc++;
-               if (dc[0] == '\\') dc++;
-       }
-
        if (!dc && dc_info->dc_unc) {
                dc = dc_info->dc_unc;
                if (dc[0] == '\\') dc++;