From 8d22cc111579c57aec65be8884b41564b79b133a Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 30 Aug 2006 05:52:31 +0000 Subject: [PATCH] r17929: Ok, I think I finally figured out where to put the code to redo the CLDAP query to restrict DC DNS lookups to the sitename. Jerry, please check to stop me going insane :-). Jeremy. --- source/libads/dns.c | 21 +++++++++++++- source/libsmb/namequery_dc.c | 54 ++++++++++++++++++++++++++++-------- 2 files changed, 62 insertions(+), 13 deletions(-) diff --git a/source/libads/dns.c b/source/libads/dns.c index 937cd9213f9..430486741db 100644 --- a/source/libads/dns.c +++ b/source/libads/dns.c @@ -604,7 +604,7 @@ BOOL sitename_store(const char *sitename) Caller must free. ****************************************************************************/ -static char *sitename_fetch(void) +char *sitename_fetch(void) { char *sitename = NULL; time_t timeout; @@ -624,6 +624,25 @@ static char *sitename_fetch(void) return sitename; } +/**************************************************************************** + Did the sitename change ? +****************************************************************************/ + +BOOL sitename_changed(const char *sitename) +{ + BOOL ret = False; + char *new_sitename = sitename_fetch(); + + if (sitename && new_sitename && !strequal(sitename, new_sitename)) { + ret = True; + } else if ((sitename && !new_sitename) || + (!sitename && new_sitename)) { + ret = True; + } + SAFE_FREE(new_sitename); + return ret; +} + /******************************************************************** Query with optional sitename. ********************************************************************/ diff --git a/source/libsmb/namequery_dc.c b/source/libsmb/namequery_dc.c index 4afd04a98f9..b4ea90fde05 100644 --- a/source/libsmb/namequery_dc.c +++ b/source/libsmb/namequery_dc.c @@ -26,34 +26,65 @@ #include "includes.h" /************************************************************************** - Find the name and IP address for a server in he realm/domain + Find the name and IP address for a server in the realm/domain *************************************************************************/ -static BOOL ads_dc_name(const char *domain, const char *realm, struct in_addr *dc_ip, fstring srv_name) +static BOOL ads_dc_name(const char *domain, + const char *realm, + struct in_addr *dc_ip, + fstring srv_name) { ADS_STRUCT *ads; + char *sitename = sitename_fetch(); + int i; if (!realm && strequal(domain, lp_workgroup())) realm = lp_realm(); - ads = ads_init(realm, domain, NULL); - if (!ads) - return False; + /* Try this 3 times then give up. */ + for( i =0 ; i < 3; i++) { + ads = ads_init(realm, domain, NULL); + if (!ads) { + SAFE_FREE(sitename); + return False; + } - DEBUG(4,("ads_dc_name: domain=%s\n", domain)); + DEBUG(4,("ads_dc_name: domain=%s\n", domain)); #ifdef HAVE_ADS - /* we don't need to bind, just connect */ - ads->auth.flags |= ADS_AUTH_NO_BIND; - - ads_connect(ads); + /* we don't need to bind, just connect */ + ads->auth.flags |= ADS_AUTH_NO_BIND; + ads_connect(ads); #endif - if (!ads->config.realm) { + if (!ads->config.realm) { + SAFE_FREE(sitename); + ads_destroy(&ads); + return False; + } + + /* Now we've found a server, see if our sitename + has changed. If so, we need to re-do the query + to ensure we only find servers in our site. */ + + if (!sitename_changed(sitename)) { + break; + } + + ads_destroy(&ads); + } + + + if (i == 3) { + DEBUG(1,("ads_dc_name: sitename (now %s) keeps changing ???\n", + sitename)); + SAFE_FREE(sitename); ads_destroy(&ads); return False; } + SAFE_FREE(sitename); + fstrcpy(srv_name, ads->config.ldap_server_name); strupper_m(srv_name); *dc_ip = ads->ldap_ip; @@ -157,4 +188,3 @@ BOOL get_dc_name(const char *domain, const char *realm, fstring srv_name, struct return ret; } - -- 2.34.1