summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
Diffstat (limited to 'source3')
-rw-r--r--source3/auth/auth_domain.c2
-rw-r--r--source3/libsmb/namecache.c83
-rw-r--r--source3/libsmb/namequery.c39
-rw-r--r--source3/libsmb/namequery_dc.c95
-rw-r--r--source3/nsswitch/winbindd_cm.c7
5 files changed, 188 insertions, 38 deletions
diff --git a/source3/auth/auth_domain.c b/source3/auth/auth_domain.c
index 2991684280..f1575e43b0 100644
--- a/source3/auth/auth_domain.c
+++ b/source3/auth/auth_domain.c
@@ -276,7 +276,7 @@ static NTSTATUS find_connect_dc(struct cli_state **cli,
struct in_addr dc_ip;
fstring srv_name;
- if (!rpc_find_dc(domain, srv_name, &dc_ip)) {
+ if (!get_dc_name(domain, srv_name, &dc_ip)) {
DEBUG(0,("find_connect_dc: Failed to find an DCs for %s\n", lp_workgroup()));
return NT_STATUS_NO_LOGON_SERVERS;
}
diff --git a/source3/libsmb/namecache.c b/source3/libsmb/namecache.c
index d3541b7719..7a0eb5212a 100644
--- a/source3/libsmb/namecache.c
+++ b/source3/libsmb/namecache.c
@@ -143,10 +143,19 @@ BOOL namecache_store(const char *name, int name_type,
* out of action for the entire cache timeout time!
*/
+#if 0
+ /*
+ * I don't think we need to do this. We are
+ * checking at a higher level for failed DC
+ * connections. JRA.
+ */
+
if (name_type == 0x1b || name_type == 0x1c)
expiry = time(NULL) + 10;
else
expiry = time(NULL) + lp_name_cache_timeout();
+#endif
+ expiry = time(NULL) + lp_name_cache_timeout();
/*
* Generate string representation of ip addresses list
@@ -201,7 +210,9 @@ BOOL namecache_fetch(const char *name, int name_type, struct in_addr **ip_list,
if (!gencache_get(key, &value, &timeout)) {
DEBUG(5, ("no entry for %s#%02X found.\n", name, name_type));
+ gencache_del(key);
SAFE_FREE(key);
+ SAFE_FREE(value);
return False;
} else {
DEBUG(5, ("name %s#%02X found.\n", name, name_type));
@@ -252,3 +263,75 @@ void namecache_flush(void)
DEBUG(5, ("Namecache flushed\n"));
}
+/* Construct a name status record key. */
+
+static char *namecache_status_record_key(const char *name, int name_type1,
+ int name_type2, struct in_addr keyip)
+{
+ char *keystr;
+
+ asprintf(&keystr, "NBT/%s#%02X.%02X.%s",
+ strupper_static(name), name_type1, name_type2, inet_ntoa(keyip));
+ return keystr;
+}
+
+/* Store a name status record. */
+
+BOOL namecache_status_store(const char *keyname, int keyname_type,
+ int name_type, struct in_addr keyip,
+ const char *srvname)
+{
+ char *key;
+ time_t expiry;
+ BOOL ret;
+
+ if (!gencache_init())
+ return False;
+
+ key = namecache_status_record_key(keyname, keyname_type, name_type, keyip);
+ if (!key)
+ return False;
+
+ expiry = time(NULL) + lp_name_cache_timeout();
+ ret = gencache_set(key, srvname, expiry);
+
+ if (ret)
+ DEBUG(5, ("namecache_status_store: entry %s -> %s\n", key, srvname ));
+ else
+ DEBUG(5, ("namecache_status_store: entry %s store failed.\n", key ));
+
+ SAFE_FREE(key);
+ return ret;
+}
+
+/* Fetch a name status record. */
+
+BOOL namecache_status_fetch(const char *keyname, int keyname_type,
+ int name_type, struct in_addr keyip, char *srvname_out)
+{
+ char *key = NULL;
+ char *value = NULL;
+ time_t timeout;
+
+ if (!gencache_init())
+ return False;
+
+ key = namecache_status_record_key(keyname, keyname_type, name_type, keyip);
+ if (!key)
+ return False;
+
+ if (!gencache_get(key, &value, &timeout)) {
+ DEBUG(5, ("namecache_status_fetch: no entry for %s found.\n", key));
+ gencache_del(key);
+ SAFE_FREE(key);
+ SAFE_FREE(value);
+ return False;
+ } else {
+ DEBUG(5, ("namecache_status_fetch: key %s -> %s\n", key, value ));
+ }
+
+ strlcpy(srvname_out, value, 16);
+ SAFE_FREE(key);
+ SAFE_FREE(value);
+ return True;
+}
diff --git a/source3/libsmb/namequery.c b/source3/libsmb/namequery.c
index 18ce5e4bd9..7f343033d6 100644
--- a/source3/libsmb/namequery.c
+++ b/source3/libsmb/namequery.c
@@ -25,8 +25,9 @@
BOOL global_in_nmbd = False;
/****************************************************************************
-generate a random trn_id
+ Generate a random trn_id.
****************************************************************************/
+
static int generate_trn_id(void)
{
static int trn_id;
@@ -40,10 +41,10 @@ static int generate_trn_id(void)
return trn_id % (unsigned)0x7FFF;
}
-
/****************************************************************************
- parse a node status response into an array of structures
+ Parse a node status response into an array of structures.
****************************************************************************/
+
static struct node_status *parse_node_status(char *p, int *num_names)
{
struct node_status *ret;
@@ -51,7 +52,8 @@ static struct node_status *parse_node_status(char *p, int *num_names)
*num_names = CVAL(p,0);
- if (*num_names == 0) return NULL;
+ if (*num_names == 0)
+ return NULL;
ret = (struct node_status *)malloc(sizeof(struct node_status)* (*num_names));
if (!ret) return NULL;
@@ -71,9 +73,10 @@ static struct node_status *parse_node_status(char *p, int *num_names)
/****************************************************************************
-do a NBT node status query on an open socket and return an array of
-structures holding the returned names or NULL if the query failed
+ Do a NBT node status query on an open socket and return an array of
+ structures holding the returned names or NULL if the query failed.
**************************************************************************/
+
struct node_status *node_status_query(int fd,struct nmb_name *name,
struct in_addr to_ip, int *num_names)
{
@@ -155,11 +158,9 @@ struct node_status *node_status_query(int fd,struct nmb_name *name,
return NULL;
}
-
/****************************************************************************
-find the first type XX name in a node status reply - used for finding
-a servers name given its IP
-return the matched name in *name
+ Find the first type XX name in a node status reply - used for finding
+ a servers name given its IP. Return the matched name in *name.
**************************************************************************/
BOOL name_status_find(const char *q_name, int q_type, int type, struct in_addr to_ip, char *name)
@@ -178,6 +179,11 @@ BOOL name_status_find(const char *q_name, int q_type, int type, struct in_addr t
DEBUG(10, ("name_status_find: looking up %s#%02x at %s\n", q_name,
q_type, inet_ntoa(to_ip)));
+ /* Check the cache first. */
+
+ if (namecache_status_fetch(q_name, q_type, type, to_ip, name))
+ return True;
+
sock = open_socket_in(SOCK_DGRAM, 0, 3, interpret_addr(lp_socket_address()), True);
if (sock == -1)
goto done;
@@ -197,6 +203,10 @@ BOOL name_status_find(const char *q_name, int q_type, int type, struct in_addr t
goto done;
pull_ascii(name, status[i].name, 16, 15, STR_TERMINATE);
+
+ /* Store the result in the cache. */
+ namecache_status_store(q_name, q_type, type, to_ip, name);
+
result = True;
done:
@@ -205,17 +215,17 @@ BOOL name_status_find(const char *q_name, int q_type, int type, struct in_addr t
DEBUG(10, ("name_status_find: name %sfound", result ? "" : "not "));
if (result)
- DEBUGADD(10, (", ip address is %s", inet_ntoa(to_ip)));
+ DEBUGADD(10, (", name %s ip address is %s", name, inet_ntoa(to_ip)));
DEBUG(10, ("\n"));
return result;
}
-
/*
comparison function used by sort_ip_list
*/
+
int ip_compare(struct in_addr *ip1, struct in_addr *ip2)
{
int max_bits1=0, max_bits2=0;
@@ -248,6 +258,7 @@ int ip_compare(struct in_addr *ip1, struct in_addr *ip2)
are at the top. This prevents the problem where a WINS server returns an IP that
is not reachable from our subnet as the first match
*/
+
static void sort_ip_list(struct in_addr *iplist, int count)
{
if (count <= 1) {
@@ -257,13 +268,13 @@ static void sort_ip_list(struct in_addr *iplist, int count)
qsort(iplist, count, sizeof(struct in_addr), QSORT_CAST ip_compare);
}
-
/****************************************************************************
Do a netbios name query to find someones IP.
Returns an array of IP addresses or NULL if none.
*count will be set to the number of addresses returned.
*timed_out is set if we failed by timing out
****************************************************************************/
+
struct in_addr *name_query(int fd,const char *name,int name_type,
BOOL bcast,BOOL recurse,
struct in_addr to_ip, int *count, int *flags,
@@ -611,6 +622,7 @@ BOOL name_resolve_bcast(const char *name, int name_type,
/********************************************************
Resolve via "wins" method.
*********************************************************/
+
BOOL resolve_wins(const char *name, int name_type,
struct in_addr **return_iplist, int *return_count)
{
@@ -1377,4 +1389,3 @@ BOOL get_dc_list(const char *domain, struct in_addr **ip_list, int *count, int *
return internal_resolve_name(domain, 0x1C, ip_list, count);
}
-
diff --git a/source3/libsmb/namequery_dc.c b/source3/libsmb/namequery_dc.c
index e98b728963..c162e34027 100644
--- a/source3/libsmb/namequery_dc.c
+++ b/source3/libsmb/namequery_dc.c
@@ -156,12 +156,11 @@ void flush_negative_conn_cache( void )
}
/****************************************************************************
- Utility function to return the name of a DC using RPC. The name is
- guaranteed to be valid since we have already done a name_status_find on it
- and we have checked our negative connection cache
+ Utility function to return the name of a DC. The name is guaranteed to be
+ valid since we have already done a name_status_find on it
***************************************************************************/
-
-BOOL rpc_find_dc(const char *domain, fstring srv_name, struct in_addr *ip_out)
+
+BOOL get_dc_name(const char *domain, fstring srv_name, struct in_addr *ip_out)
{
struct in_addr *ip_list = NULL, dc_ip, exclude_ip;
int count, i;
@@ -177,10 +176,12 @@ BOOL rpc_find_dc(const char *domain, fstring srv_name, struct in_addr *ip_out)
if ( use_pdc_only && get_pdc_ip(domain, &dc_ip) )
{
- DEBUG(10,("rpc_find_dc: Atempting to lookup PDC to avoid sam sync delays\n"));
+ DEBUG(10,("get_dc_name: Atempting to lookup PDC to avoid sam sync delays\n"));
- if (name_status_find(domain, 0x1c, 0x20, dc_ip, srv_name)) {
- /* makre we we haven't tried this on previously and failed */
+ /* check the connection cache and perform the node status
+ lookup only if the IP is not found to be bad */
+
+ if (name_status_find(domain, 0x1c, 0x20, dc_ip, srv_name) ) {
result = check_negative_conn_cache( domain, srv_name );
if ( NT_STATUS_IS_OK(result) )
goto done;
@@ -205,11 +206,71 @@ BOOL rpc_find_dc(const char *domain, fstring srv_name, struct in_addr *ip_out)
}
}
- /* Pick a nice close server, but only if the list was not ordered */
- if (!list_ordered && (count > 1) ) {
- qsort(ip_list, count, sizeof(struct in_addr), QSORT_CAST ip_compare);
+ if ( !list_ordered )
+ {
+ /*
+ * Pick a nice close server. Look for DC on local net
+ * (assuming we don't have a list of preferred DC's)
+ */
+
+ for (i = 0; i < count; i++) {
+ if (is_zero_ip(ip_list[i]))
+ continue;
+
+ if ( !is_local_net(ip_list[i]) )
+ continue;
+
+ if (name_status_find(domain, 0x1c, 0x20, ip_list[i], srv_name)) {
+ result = check_negative_conn_cache( domain, srv_name );
+ if ( NT_STATUS_IS_OK(result) ) {
+ dc_ip = ip_list[i];
+ goto done;
+ }
+ }
+
+ zero_ip(&ip_list[i]);
+ }
+
+ /*
+ * Try looking in the name status cache for an
+ * entry we already have. We know that already
+ * resolved ok.
+ */
+
+ for (i = 0; i < count; i++) {
+ if (is_zero_ip(ip_list[i]))
+ continue;
+
+ if (namecache_status_fetch(domain, 0x1c, 0x20,
+ ip_list[i], srv_name)) {
+ result = check_negative_conn_cache( domain, srv_name );
+ if ( NT_STATUS_IS_OK(result) ) {
+ dc_ip = ip_list[i];
+ goto done;
+ }
+ }
+ }
+
+ /*
+ * Secondly try and contact a random PDC/BDC.
+ */
+
+ i = (sys_random() % count);
+
+ if ( !is_zero_ip(ip_list[i]) ) {
+ if ( name_status_find(domain, 0x1c, 0x20, ip_list[i], srv_name)) {
+ result = check_negative_conn_cache( domain, srv_name );
+ if ( NT_STATUS_IS_OK(result) ) {
+ dc_ip = ip_list[i];
+ goto done;
+ }
+ }
+ zero_ip(&ip_list[i]); /* Tried and failed. */
+ }
}
+ /* Finally return first DC that we can contact */
+
for (i = 0; i < count; i++) {
if (is_zero_ip(ip_list[i]))
continue;
@@ -220,20 +281,21 @@ BOOL rpc_find_dc(const char *domain, fstring srv_name, struct in_addr *ip_out)
dc_ip = ip_list[i];
goto done;
}
- }
+ }
}
-
SAFE_FREE(ip_list);
- return False;
-done:
+ /* No-one to talk to )-: */
+ return False; /* Boo-hoo */
+
+ done:
/* We have the netbios name and IP address of a domain controller.
Ideally we should sent a SAMLOGON request to determine whether
the DC is alive and kicking. If we can catch a dead DC before
performing a cli_connect() we can avoid a 30-second timeout. */
- DEBUG(3, ("rpc_find_dc: Returning DC %s (%s) for domain %s\n", srv_name,
+ DEBUG(3, ("get_dc_name: Returning DC %s (%s) for domain %s\n", srv_name,
inet_ntoa(dc_ip), domain));
*ip_out = dc_ip;
@@ -242,4 +304,3 @@ done:
return True;
}
-
diff --git a/source3/nsswitch/winbindd_cm.c b/source3/nsswitch/winbindd_cm.c
index 381cdaaa20..0ba9ab8266 100644
--- a/source3/nsswitch/winbindd_cm.c
+++ b/source3/nsswitch/winbindd_cm.c
@@ -51,9 +51,6 @@
- I'm pretty annoyed by all the make_nmb_name() stuff. It should be
moved down into another function.
- - There needs to be a utility function in libsmb/namequery.c that does
- cm_get_dc_name()
-
- Take care when destroying cli_structs as they can be shared between
various sam handles.
@@ -132,8 +129,6 @@ static BOOL cm_ads_find_dc(const char *domain, struct in_addr *dc_ip, fstring sr
return True;
}
-
-
static BOOL cm_get_dc_name(const char *domain, fstring srv_name, struct in_addr *ip_out)
{
static struct get_dc_name_cache *get_dc_name_cache;
@@ -196,7 +191,7 @@ static BOOL cm_get_dc_name(const char *domain, fstring srv_name, struct in_addr
if (!ret) {
/* fall back on rpc methods if the ADS methods fail */
- ret = rpc_find_dc(domain, srv_name, &dc_ip);
+ ret = get_dc_name(domain, srv_name, &dc_ip);
}
if (!ret)