diff options
author | Volker Lendecke <vl@samba.org> | 2010-12-20 16:22:02 +0100 |
---|---|---|
committer | Volker Lendecke <vl@samba.org> | 2010-12-20 17:10:57 +0100 |
commit | 660190632e4f8ace65f4944f4686ea42444056c0 (patch) | |
tree | be4831268ab3fde316f23df931b758c78f374c4c | |
parent | 09cccee27302044dd2fa3e94c60bf7854c4d2e45 (diff) | |
download | samba-660190632e4f8ace65f4944f4686ea42444056c0.tar.gz samba-660190632e4f8ace65f4944f4686ea42444056c0.tar.bz2 samba-660190632e4f8ace65f4944f4686ea42444056c0.zip |
s3: Always retry the DC connection in auth_domain
The only condition that cli_full_connection marks as non-retryable is the basic
name lookup and TCP connect. To me this is pretty fishy. For example if the
negprot fails, this is supposed to be more retryable than a NetBIOS name lookup
failure? I'd rather think the opposite is true.
Jeremy, this is code from 2002, 389a16d9d533. If you have any comments from
back then, let me know :-)
Volker
-rw-r--r-- | source3/auth/auth_domain.c | 12 |
1 files changed, 4 insertions, 8 deletions
diff --git a/source3/auth/auth_domain.c b/source3/auth/auth_domain.c index cac482c3d0..c9eaa64d36 100644 --- a/source3/auth/auth_domain.c +++ b/source3/auth/auth_domain.c @@ -113,8 +113,7 @@ static NTSTATUS connect_to_domain_password_server(struct cli_state **cli, const char *domain, const char *dc_name, struct sockaddr_storage *dc_ss, - struct rpc_pipe_client **pipe_ret, - bool *retry) + struct rpc_pipe_client **pipe_ret) { NTSTATUS result; struct rpc_pipe_client *netlogon_pipe = NULL; @@ -143,9 +142,8 @@ static NTSTATUS connect_to_domain_password_server(struct cli_state **cli, } /* Attempt connection */ - *retry = True; result = cli_full_connection(cli, global_myname(), dc_name, dc_ss, 0, - "IPC$", "IPC", "", "", "", 0, Undefined, retry); + "IPC$", "IPC", "", "", "", 0, Undefined, NULL); if (!NT_STATUS_IS_OK(result)) { /* map to something more useful */ @@ -267,7 +265,6 @@ static NTSTATUS domain_client_validate(TALLOC_CTX *mem_ctx, struct rpc_pipe_client *netlogon_pipe = NULL; NTSTATUS nt_status = NT_STATUS_NO_LOGON_SERVERS; int i; - bool retry = True; /* * At this point, smb_apasswd points to the lanman response to @@ -279,13 +276,12 @@ static NTSTATUS domain_client_validate(TALLOC_CTX *mem_ctx, /* rety loop for robustness */ - for (i = 0; !NT_STATUS_IS_OK(nt_status) && retry && (i < 3); i++) { + for (i = 0; !NT_STATUS_IS_OK(nt_status) && (i < 3); i++) { nt_status = connect_to_domain_password_server(&cli, domain, dc_name, dc_ss, - &netlogon_pipe, - &retry); + &netlogon_pipe); } if ( !NT_STATUS_IS_OK(nt_status) ) { |