From 5d05d2299983b5d34615cd269b04806bba173c0d Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 28 Jul 2009 11:51:58 -0700 Subject: Added prefer_ipv4 bool parameter to resolve_name(). W2K3 DC's can have IPv6 addresses but won't serve krb5/ldap or cldap on those addresses. Make sure when we're asking for DC's we prefer IPv4. If you have an IPv6-only network this prioritizing code will be a no-op. And if you have a mixed network then you need to prioritize IPv4 due to W2K3 DC's. Jeremy. --- source3/libads/ldap.c | 37 +++++++++++++++++++++++++------------ 1 file changed, 25 insertions(+), 12 deletions(-) (limited to 'source3/libads/ldap.c') diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c index 102fc83d0f..bb8d43c96f 100644 --- a/source3/libads/ldap.c +++ b/source3/libads/ldap.c @@ -192,29 +192,42 @@ static bool ads_try_connect(ADS_STRUCT *ads, const char *server, bool gc) { char *srv; struct NETLOGON_SAM_LOGON_RESPONSE_EX cldap_reply; - TALLOC_CTX *mem_ctx = NULL; + TALLOC_CTX *frame = talloc_stackframe(); bool ret = false; if (!server || !*server) { + TALLOC_FREE(frame); return False; } - DEBUG(5,("ads_try_connect: sending CLDAP request to %s (realm: %s)\n", - server, ads->server.realm)); + if (!is_ipaddress(server)) { + struct sockaddr_storage ss; + char addr[INET6_ADDRSTRLEN]; - mem_ctx = talloc_init("ads_try_connect"); - if (!mem_ctx) { - DEBUG(0,("out of memory\n")); - return false; + if (!resolve_name(server, &ss, 0x20, true)) { + DEBUG(5,("ads_try_connect: unable to resolve name %s\n", + server )); + TALLOC_FREE(frame); + return false; + } + print_sockaddr(addr, sizeof(addr), &ss); + srv = talloc_strdup(frame, addr); + } else { + /* this copes with inet_ntoa brokenness */ + srv = talloc_strdup(frame, server); } - /* this copes with inet_ntoa brokenness */ + if (!srv) { + TALLOC_FREE(frame); + return false; + } - srv = SMB_STRDUP(server); + DEBUG(5,("ads_try_connect: sending CLDAP request to %s (realm: %s)\n", + srv, ads->server.realm)); ZERO_STRUCT( cldap_reply ); - if ( !ads_cldap_netlogon_5(mem_ctx, srv, ads->server.realm, &cldap_reply ) ) { + if ( !ads_cldap_netlogon_5(frame, srv, ads->server.realm, &cldap_reply ) ) { DEBUG(3,("ads_try_connect: CLDAP request %s failed.\n", srv)); ret = false; goto out; @@ -267,10 +280,10 @@ static bool ads_try_connect(ADS_STRUCT *ads, const char *server, bool gc) sitename_store( cldap_reply.dns_domain, cldap_reply.client_site); ret = true; + out: - SAFE_FREE(srv); - TALLOC_FREE(mem_ctx); + TALLOC_FREE(frame); return ret; } -- cgit