summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorVolker Lendecke <vl@samba.org>2010-12-20 16:22:02 +0100
committerVolker Lendecke <vl@samba.org>2010-12-20 17:10:57 +0100
commit660190632e4f8ace65f4944f4686ea42444056c0 (patch)
treebe4831268ab3fde316f23df931b758c78f374c4c
parent09cccee27302044dd2fa3e94c60bf7854c4d2e45 (diff)
downloadsamba-660190632e4f8ace65f4944f4686ea42444056c0.tar.gz
samba-660190632e4f8ace65f4944f4686ea42444056c0.tar.bz2
samba-660190632e4f8ace65f4944f4686ea42444056c0.zip
s3: Always retry the DC connection in auth_domain
The only condition that cli_full_connection marks as non-retryable is the basic name lookup and TCP connect. To me this is pretty fishy. For example if the negprot fails, this is supposed to be more retryable than a NetBIOS name lookup failure? I'd rather think the opposite is true. Jeremy, this is code from 2002, 389a16d9d533. If you have any comments from back then, let me know :-) Volker
-rw-r--r--source3/auth/auth_domain.c12
1 files changed, 4 insertions, 8 deletions
diff --git a/source3/auth/auth_domain.c b/source3/auth/auth_domain.c
index cac482c3d0..c9eaa64d36 100644
--- a/source3/auth/auth_domain.c
+++ b/source3/auth/auth_domain.c
@@ -113,8 +113,7 @@ static NTSTATUS connect_to_domain_password_server(struct cli_state **cli,
const char *domain,
const char *dc_name,
struct sockaddr_storage *dc_ss,
- struct rpc_pipe_client **pipe_ret,
- bool *retry)
+ struct rpc_pipe_client **pipe_ret)
{
NTSTATUS result;
struct rpc_pipe_client *netlogon_pipe = NULL;
@@ -143,9 +142,8 @@ static NTSTATUS connect_to_domain_password_server(struct cli_state **cli,
}
/* Attempt connection */
- *retry = True;
result = cli_full_connection(cli, global_myname(), dc_name, dc_ss, 0,
- "IPC$", "IPC", "", "", "", 0, Undefined, retry);
+ "IPC$", "IPC", "", "", "", 0, Undefined, NULL);
if (!NT_STATUS_IS_OK(result)) {
/* map to something more useful */
@@ -267,7 +265,6 @@ static NTSTATUS domain_client_validate(TALLOC_CTX *mem_ctx,
struct rpc_pipe_client *netlogon_pipe = NULL;
NTSTATUS nt_status = NT_STATUS_NO_LOGON_SERVERS;
int i;
- bool retry = True;
/*
* At this point, smb_apasswd points to the lanman response to
@@ -279,13 +276,12 @@ static NTSTATUS domain_client_validate(TALLOC_CTX *mem_ctx,
/* rety loop for robustness */
- for (i = 0; !NT_STATUS_IS_OK(nt_status) && retry && (i < 3); i++) {
+ for (i = 0; !NT_STATUS_IS_OK(nt_status) && (i < 3); i++) {
nt_status = connect_to_domain_password_server(&cli,
domain,
dc_name,
dc_ss,
- &netlogon_pipe,
- &retry);
+ &netlogon_pipe);
}
if ( !NT_STATUS_IS_OK(nt_status) ) {