From 1eb743ab8e8b1141f99fabd3e4a46895c6dcc17e Mon Sep 17 00:00:00 2001 From: Tim Prouty Date: Tue, 2 Dec 2008 23:29:57 -0800 Subject: s3: Change sockaddr util function names for consistency Also eliminates name conflicts with OneFS system libraries --- source3/libads/kerberos.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/libads') diff --git a/source3/libads/kerberos.c b/source3/libads/kerberos.c index 4658f66cfd..7dfc19b462 100644 --- a/source3/libads/kerberos.c +++ b/source3/libads/kerberos.c @@ -772,7 +772,7 @@ static char *get_kdc_ip_string(char *mem_ctx, get_kdc_list(realm, sitename, &ip_srv_site, &count_site); for (i = 0; i < count_site; i++) { - if (addr_equal((struct sockaddr *)&ip_srv_site[i].ss, + if (sockaddr_equal((struct sockaddr *)&ip_srv_site[i].ss, (struct sockaddr *)pss)) { continue; } @@ -795,13 +795,13 @@ static char *get_kdc_ip_string(char *mem_ctx, for (i = 0; i < count_nonsite; i++) { int j; - if (addr_equal((struct sockaddr *)&ip_srv_nonsite[i].ss, (struct sockaddr *)pss)) { + if (sockaddr_equal((struct sockaddr *)&ip_srv_nonsite[i].ss, (struct sockaddr *)pss)) { continue; } /* Ensure this isn't an IP already seen (YUK! this is n*n....) */ for (j = 0; j < count_site; j++) { - if (addr_equal((struct sockaddr *)&ip_srv_nonsite[i].ss, + if (sockaddr_equal((struct sockaddr *)&ip_srv_nonsite[i].ss, (struct sockaddr *)&ip_srv_site[j].ss)) { break; } -- cgit From 588f5aae669910fee6da7f807f330163496b4170 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Wed, 22 Oct 2008 10:36:21 +0200 Subject: s3: correctly detect if the current dc is the closest one MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ads->config.tried_closest_dc was never set. metze Signed-off-by: Stefan Metzmacher Signed-off-by: Günther Deschner (cherry picked from commit dfe5b00db35e1e7c7bb3ba36729fc3f97eb48db3) --- source3/libads/ndr.c | 1 - 1 file changed, 1 deletion(-) (limited to 'source3/libads') 
diff --git a/source3/libads/ndr.c b/source3/libads/ndr.c index 6324a22041..6ada66ca40 100644 --- a/source3/libads/ndr.c +++ b/source3/libads/ndr.c @@ -75,7 +75,6 @@ void ndr_print_ads_struct(struct ndr_print *ndr, const char *name, const struct ndr_print_string(ndr, "server_site_name", r->config.server_site_name); ndr_print_string(ndr, "client_site_name", r->config.client_site_name); ndr_print_time_t(ndr, "current_time", r->config.current_time); - ndr_print_bool(ndr, "tried_closest_dc", r->config.tried_closest_dc); ndr_print_string(ndr, "schema_path", r->config.schema_path); ndr_print_string(ndr, "config_path", r->config.config_path); ndr->depth--; -- cgit From 7f779450cb0b0d9f36665c56c4acd0950daaeab2 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Wed, 22 Oct 2008 11:14:10 +0200 Subject: s3: libads: use get_dc_name() instead of get_sorted_dc_list() in the LDAP case MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit We use get_dc_name() for LDAP because it generates the selfwritten krb5.conf with the correct kdc addresses and sets KRB5_CONFIG. For CLDAP we need to use get_sorted_dc_list() to avoid recursion. metze Signed-off-by: Stefan Metzmacher Signed-off-by: Günther Deschner (cherry picked from commit d2f7f81f4d61bae9c4be65cbc1bf962b6c24a31f) --- source3/libads/ldap.c | 26 +++++++++++++++++++++++++- 1 file changed, 25 insertions(+), 1 deletion(-) (limited to 'source3/libads') diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c index 932e42e076..31feea50c7 100644 --- a/source3/libads/ldap.c +++ b/source3/libads/ldap.c 
@@ -310,11 +310,35 @@ static NTSTATUS ads_find_dc(ADS_STRUCT *ads) realm = c_realm; + /* + * In case of LDAP we use get_dc_name() as that + * creates the custom krb5.conf file + */ + if (!(ads->auth.flags & ADS_AUTH_NO_BIND)) { + fstring srv_name; + struct sockaddr_storage ip_out; + + DEBUG(6,("ads_find_dc: (ldap) looking for %s '%s'\n", + (got_realm ? "realm" : "domain"), realm)); + + if (get_dc_name(realm, realm, srv_name, &ip_out)) { + /* + * we call ads_try_connect() to fill in the + * ads->config details + */ + if (ads_try_connect(ads, srv_name, false)) { + return NT_STATUS_OK; + } + } + + return NT_STATUS_NO_LOGON_SERVERS; + } + sitename = sitename_fetch(realm); again: - DEBUG(6,("ads_find_dc: looking for %s '%s'\n", + DEBUG(6,("ads_find_dc: (cldap) looking for %s '%s'\n", (got_realm ? "realm" : "domain"), realm)); status = get_sorted_dc_list(realm, sitename, &ip_list, &count, got_realm); -- cgit From 2f27ffc4a2ba745341a5961b8f04e62da3fb089a Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Mon, 27 Oct 2008 19:36:25 +0100 Subject: s3:libads/ldap.c: pass the real workgroup name to get_dc_name() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit metze Signed-off-by: Stefan Metzmacher Signed-off-by: Günther Deschner (cherry picked from commit c2d4a84abe1b6cbf68d6e9f1bb1f8974d0b628fc) --- source3/libads/ldap.c | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) (limited to 'source3/libads') diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c index 31feea50c7..61e04d1e7c 100644 --- a/source3/libads/ldap.c +++ b/source3/libads/ldap.c @@ -267,10 +267,12 @@ static bool ads_try_connect(ADS_STRUCT *ads, const char *server, bool gc) static NTSTATUS ads_find_dc(ADS_STRUCT *ads) { + const char *c_domain; const char *c_realm; int count, i=0; struct ip_service *ip_list; const char *realm; + const char *domain; bool got_realm = False; bool use_own_domain = False; char *sitename; 
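Review bot: `ip_out` is filled by get_dc_name() but never read in the added LDAP branch of the `@@ -310,11 +310,35 @@` hunk. ads_try_connect() receives only `srv_name`, so the host is presumably resolved a second time and need not be the address get_dc_name() selected and, per the commit message, wrote into the generated krb5.conf. If ads_try_connect() cannot take the address, say so next to the declaration, for example `/* ip_out is unused: ads_try_connect() resolves srv_name itself */`. The branch also returns `NT_STATUS_NO_LOGON_SERVERS` without a DEBUG line, so a failed lookup and a failed connect look the same in the log. ads_find_dc starts and ends outside the hunk.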
@@ -308,7 +310,14 @@ static NTSTATUS ads_find_dc(ADS_STRUCT *ads) return NT_STATUS_INVALID_PARAMETER; /* rather need MISSING_PARAMETER ... */ } + if ( use_own_domain ) { + c_domain = lp_workgroup(); + } else { + c_domain = ads->server.workgroup; + } + realm = c_realm; + domain = c_domain; /* * In case of LDAP we use get_dc_name() as that @@ -321,7 +330,7 @@ static NTSTATUS ads_find_dc(ADS_STRUCT *ads) DEBUG(6,("ads_find_dc: (ldap) looking for %s '%s'\n", (got_realm ? "realm" : "domain"), realm)); - if (get_dc_name(realm, realm, srv_name, &ip_out)) { + if (get_dc_name(domain, realm, srv_name, &ip_out)) { /* * we call ads_try_connect() to fill in the * ads->config details -- cgit From a8040d59659e58c5cb92c1107a7ff012eff12729 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Mon, 27 Oct 2008 19:38:15 +0100 Subject: s3:libads/ldap.c: if the client belongs to no site at all any dc is the closest MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit metze Signed-off-by: Stefan Metzmacher Signed-off-by: Günther Deschner (cherry picked from commit f86ef9b53a903485deba94febf90dd4e657cc02b) --- source3/libads/ldap.c | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'source3/libads') diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c index 61e04d1e7c..c0bb9c7e2d 100644 --- a/source3/libads/ldap.c +++ b/source3/libads/ldap.c @@ -162,6 +162,11 @@ bool ads_closest_dc(ADS_STRUCT *ads) return True; } + if (ads->config.client_site_name == NULL) { + DEBUG(10,("ads_closest_dc: client belongs to no site\n")); + return True; + } + DEBUG(10,("ads_closest_dc: %s is not the closest DC\n", ads->config.ldap_server_name)); -- cgit From 17efebde11eafd065c2cac39cdbe55b8d40d40be Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Mon, 27 Oct 2008 19:39:30 +0100 Subject: s3:libads/ldap.c: store the dc name in the saf cache as in all other places MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit metze 
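Review bot: `c_domain` is taken from `ads->server.workgroup` without a NULL or empty check in the `@@ -308,7 +310,14 @@` hunk. The context line just above the addition returns `NT_STATUS_INVALID_PARAMETER`, apparently for a missing realm, but nothing equivalent is done for the workgroup. The value reaches `get_dc_name(domain, realm, srv_name, &ip_out)` in the following hunk unchanged, and whether get_dc_name() accepts a NULL domain is not visible here. Either guard the call (`if (domain != NULL && get_dc_name(domain, realm, srv_name, &ip_out)) {`) or add a comment stating that a NULL workgroup is valid input. `domain` is a plain alias of `c_domain` and could be dropped. ads_find_dc starts and ends outside both hunks.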
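Review bot: The new `client_site_name == NULL` test in ads_closest_dc treats NULL as "client belongs to no site", but from this hunk NULL cannot be told apart from "site not learned yet". The return value gates the saf_store() calls in the `got_connection` block (last commit on this page), so a server whose reply presumably carried no client site name would be cached as the preferred DC. A comment stating where `config.client_site_name` is filled in and that NULL means the server reported no site would make the assumption checkable. If an empty string can occur it is not covered; `if (ads->config.client_site_name == NULL || ads->config.client_site_name[0] == '\0') {` would handle both. ads_closest_dc starts and ends outside the hunk.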
Signed-off-by: Stefan Metzmacher Signed-off-by: Günther Deschner (cherry picked from commit 543fa85a711337e979c7b631bda5db95d109ef59) --- source3/libads/ldap.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'source3/libads') diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c index c0bb9c7e2d..cf8a7ebb1b 100644 --- a/source3/libads/ldap.c +++ b/source3/libads/ldap.c @@ -651,9 +651,8 @@ got_connection: /* cache the successful connection for workgroup and realm */ if (ads_closest_dc(ads)) { - print_sockaddr(addr, sizeof(addr), &ads->ldap.ss); - saf_store( ads->server.workgroup, addr); - saf_store( ads->server.realm, addr); + saf_store( ads->server.workgroup, ads->config.ldap_server_name); + saf_store( ads->server.realm, ads->config.ldap_server_name); } ldap_set_option(ads->ldap.ld, LDAP_OPT_PROTOCOL_VERSION, &version); -- cgit
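Review bot: `ads->config.ldap_server_name` is handed to saf_store() with no NULL check, whereas the removed lines always passed the local `addr` buffer. If saf_store() does not accept NULL, `if (ads_closest_dc(ads) && ads->config.ldap_server_name != NULL) {` keeps the old guarantee. The cache entry is also now a name that appears to come from the server's reply rather than the address of the socket actually connected, so a later reader of the entry resolves it again; a one-line comment should record that this is intended. If `addr` has no other use in this function, its declaration (outside the hunk) is now dead.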