diff options
author | Jeremy Allison <jra@samba.org> | 2006-09-15 14:18:52 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 11:51:49 -0500 |
commit | a0aaa82f6d360f2fe688f95791640b58231ed873 (patch) | |
tree | 9489ab56903e85e02d384a85519b34a7c4cfe6c2 | |
parent | 07e9f4e61ae909d7ccc7ec7b650438510468829d (diff) | |
download | samba-a0aaa82f6d360f2fe688f95791640b58231ed873.tar.gz samba-a0aaa82f6d360f2fe688f95791640b58231ed873.tar.bz2 samba-a0aaa82f6d360f2fe688f95791640b58231ed873.zip |
r18552: Ensure the sitename matches before we SAF store a DC in ADS mode.
Jeremy.
(This used to be commit 03e1078b459531af5a2336b584b3c886c5dd1e29)
-rw-r--r-- | source3/libads/ldap.c | 8 | ||||
-rw-r--r-- | source3/nsswitch/winbindd_cm.c | 6 |
2 files changed, 8 insertions, 6 deletions
diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c index 6b18bbf594..7b31586f7d 100644 --- a/source3/libads/ldap.c +++ b/source3/libads/ldap.c @@ -115,7 +115,6 @@ static int ldap_search_with_timeout(LDAP *ld, return result; } -#ifdef HAVE_KRB5 /********************************************** Do client and server sitename match ? **********************************************/ @@ -139,7 +138,6 @@ BOOL ads_sitename_match(ADS_STRUCT *ads) ads->config.client_site_name ? ads->config.client_site_name : "NULL")); return False; } -#endif /* try a connection to a given ldap server, returning True and setting the servers IP @@ -394,8 +392,10 @@ got_connection: } /* cache the successful connection for workgroup and realm */ - saf_store( ads->server.workgroup, inet_ntoa(ads->ldap_ip)); - saf_store( ads->server.realm, inet_ntoa(ads->ldap_ip)); + if (ads_sitename_match(ads)) { + saf_store( ads->server.workgroup, inet_ntoa(ads->ldap_ip)); + saf_store( ads->server.realm, inet_ntoa(ads->ldap_ip)); + } ldap_set_option(ads->ld, LDAP_OPT_PROTOCOL_VERSION, &version); diff --git a/source3/nsswitch/winbindd_cm.c b/source3/nsswitch/winbindd_cm.c index 7a1768354d..6fc473283c 100644 --- a/source3/nsswitch/winbindd_cm.c +++ b/source3/nsswitch/winbindd_cm.c @@ -754,7 +754,6 @@ static BOOL dcip_to_name( const char *domainname, const char *realm, ads->auth.flags |= ADS_AUTH_NO_BIND; if (ads_try_connect( ads, inet_ntoa(ip) ) ) { - char *sitename = sitename_fetch(); /* We got a cldap packet. */ fstrcpy(name, ads->config.ldap_server_name); namecache_store(name, 0x20, 1, &ip_list); @@ -769,9 +768,12 @@ static BOOL dcip_to_name( const char *domainname, const char *realm, create_local_private_krb5_conf_for_domain(realm, domainname, ip); + + /* Ensure we contact this DC also. */ + saf_store( domainname, name); + saf_store( realm, name); } #endif - SAFE_FREE(sitename); ads_destroy( &ads ); return True; } |