summaryrefslogtreecommitdiff
path: root/source3/nsswitch
diff options
context:
space:
mode:
authorGünther Deschner <gd@samba.org>2007-09-04 14:06:33 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 12:30:30 -0500
commitbe3fdd8b6237a6dcaf4ff974dc4dad35b7009169 (patch)
treed1b8f8bd399ef9b0888ca0318574acede8eef7d5 /source3/nsswitch
parent6de1b0b65b9e6364914bac52219e155ae45bbfbf (diff)
downloadsamba-be3fdd8b6237a6dcaf4ff974dc4dad35b7009169.tar.gz
samba-be3fdd8b6237a6dcaf4ff974dc4dad35b7009169.tar.bz2
samba-be3fdd8b6237a6dcaf4ff974dc4dad35b7009169.zip
r24952: Set the kdc locator env vars. This makes the krb5 locator plugin fully
operational (from within winbindd and outside). Guenther (This used to be commit 800645d5388d7df1f8cf31b4218bfc7dd5b4d12a)
Diffstat (limited to 'source3/nsswitch')
-rw-r--r--source3/nsswitch/winbindd_cm.c12
-rw-r--r--source3/nsswitch/winbindd_util.c58
2 files changed, 67 insertions, 3 deletions
diff --git a/source3/nsswitch/winbindd_cm.c b/source3/nsswitch/winbindd_cm.c
index 269dab0389..0888a934d1 100644
--- a/source3/nsswitch/winbindd_cm.c
+++ b/source3/nsswitch/winbindd_cm.c
@@ -395,6 +395,8 @@ static void set_domain_online(struct winbindd_domain *domain)
return;
}
+ winbindd_set_locator_kdc_envs(domain);
+
/* If we are waiting to get a krb5 ticket, trigger immediately. */
GetTimeOfDay(&now);
set_event_dispatch_time(winbind_event_context(),
@@ -520,6 +522,7 @@ void winbind_add_failed_connection_entry(const struct winbindd_domain *domain,
add_failed_connection_entry(domain->alt_name, server, result);
saf_delete(domain->alt_name);
}
+ winbindd_unset_locator_kdc_env(domain);
}
/* Choose between anonymous or authenticated connections. We need to use
@@ -741,6 +744,8 @@ static NTSTATUS cm_prepare_connection(const struct winbindd_domain *domain,
"[%s]\n", controller, global_myname(),
machine_krb5_principal));
+ winbindd_set_locator_kdc_envs(domain);
+
ads_status = cli_session_setup_spnego(*cli,
machine_krb5_principal,
machine_password,
@@ -837,6 +842,8 @@ static NTSTATUS cm_prepare_connection(const struct winbindd_domain *domain,
saf_store( domain->alt_name, (*cli)->desthost );
}
+ winbindd_set_locator_kdc_envs(domain);
+
if (!cli_send_tconX(*cli, "IPC$", "IPC", "", 0)) {
result = cli_nt_error(*cli);
@@ -1089,6 +1096,8 @@ static BOOL dcip_to_name(const struct winbindd_domain *domain, struct in_addr ip
sitename,
ip);
+ winbindd_set_locator_kdc_envs(domain);
+
SAFE_FREE(sitename);
/* Ensure we contact this DC also. */
saf_store( domain->name, name);
@@ -1394,6 +1403,9 @@ static NTSTATUS cm_open_connection(struct winbindd_domain *domain,
}
if (NT_STATUS_IS_OK(result)) {
+
+ winbindd_set_locator_kdc_envs(domain);
+
if (domain->online == False) {
/* We're changing state from offline to online. */
set_global_winbindd_state_online();
diff --git a/source3/nsswitch/winbindd_util.c b/source3/nsswitch/winbindd_util.c
index 225c6b5be1..a29ea38145 100644
--- a/source3/nsswitch/winbindd_util.c
+++ b/source3/nsswitch/winbindd_util.c
@@ -1366,24 +1366,40 @@ BOOL winbindd_internal_child(struct winbindd_child *child)
return False;
}
+void winbindd_set_locator_kdc_envs(const struct winbindd_domain *domain);
+void winbindd_unset_locator_kdc_env(const struct winbindd_domain *domain);
+
+#ifdef HAVE_KRB5_LOCATE_PLUGIN_H
+
/*********************************************************************
********************************************************************/
-void winbindd_set_locator_kdc_env(const struct winbindd_domain *domain)
+static void winbindd_set_locator_kdc_env(const struct winbindd_domain *domain)
{
char *var = NULL;
const char *kdc = NULL;
+ int lvl = 11;
+
+ if (!domain || !domain->alt_name || !*domain->alt_name) {
+ return;
+ }
- if (!domain) {
+ if (domain->initialized && !domain->active_directory) {
+ DEBUG(lvl,("winbindd_set_locator_kdc_env: %s not AD\n",
+ domain->alt_name));
return;
}
kdc = inet_ntoa(domain->dcaddr.sin_addr);
if (!kdc) {
+ DEBUG(lvl,("winbindd_set_locator_kdc_env: %s no DC IP\n",
+ domain->alt_name));
kdc = domain->dcname;
}
if (!kdc || !*kdc) {
+ DEBUG(lvl,("winbindd_set_locator_kdc_env: %s no DC at all\n",
+ domain->alt_name));
return;
}
@@ -1392,9 +1408,45 @@ void winbindd_set_locator_kdc_env(const struct winbindd_domain *domain)
return;
}
- DEBUG(10,("winbindd_set_locator_kdc_env: setting var: %s to: %s\n",
+ DEBUG(lvl,("winbindd_set_locator_kdc_env: setting var: %s to: %s\n",
var, kdc));
setenv(var, kdc, 1);
free(var);
}
+
+/*********************************************************************
+ ********************************************************************/
+
+void winbindd_set_locator_kdc_envs(const struct winbindd_domain *domain)
+{
+ struct winbindd_domain *our_dom = find_our_domain();
+
+ winbindd_set_locator_kdc_env(domain);
+
+ if (domain != our_dom) {
+ winbindd_set_locator_kdc_env(our_dom);
+ }
+}
+
+/*********************************************************************
+ ********************************************************************/
+
+void winbindd_unset_locator_kdc_env(const struct winbindd_domain *domain)
+{
+ char *var = NULL;
+
+ if (!domain || !domain->alt_name || !*domain->alt_name) {
+ return;
+ }
+
+ if (asprintf(&var, "%s_%s", WINBINDD_LOCATOR_KDC_ADDRESS,
+ strupper_static(domain->alt_name)) == -1) {
+ return;
+ }
+
+ unsetenv(var);
+ free(var);
+}
+
+#endif /* HAVE_KRB5_LOCATE_PLUGIN_H */