From f51d769dd303027a3dbf46fc89a482933988e866 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Wed, 25 Jun 2003 17:41:05 +0000 Subject: large change: *) consolidates the dc location routines again (dns and netbios) get_dc_list() or get_sorted_dc_list() is the authoritative means of locating DC's again. (also inludes a flag to get_dc_list() to define if this should be a DNS only lookup or not) (however, if you set "name resolve order = hosts wins" you could still get DNS queries for domain name IFF ldap_domain2hostlist() fails. The answer? Fix your DNS setup) *) enabled DOMAIN<0x1c> lookups to be funneled through resolve_hosts resulting in a call to ldap_domain2hostlist() if lp_security() == SEC_ADS *) enables name cache for winbind ADS backend *) enable the negative connection cache for winbind ADS backend *) removes some old dead code *) consolidates some duplicate code *) moves the internal_name_resolve() to use an IP/port pair to deal with SRV RR dns replies. The namecache code also supports the IP:port syntax now as well. *) removes 'ads server' and moves the functionality back into 'password server' (which can support "hostname:port" syntax now but works fine with defaults depending on the value of lp_security()) (This used to be commit d7f7fcda425bef380441509734eca33da943c091) --- source3/libsmb/namequery_dc.c | 155 +++--------------------------------------- 1 file changed, 9 insertions(+), 146 deletions(-) (limited to 'source3/libsmb/namequery_dc.c') diff --git a/source3/libsmb/namequery_dc.c b/source3/libsmb/namequery_dc.c index ac1f9a54de..fc383d9a6b 100644 --- a/source3/libsmb/namequery_dc.c +++ b/source3/libsmb/namequery_dc.c @@ -24,137 +24,6 @@ #include "includes.h" - -#define FAILED_CONNECTION_CACHE_TIMEOUT 30 /* Seconds between attempts */ - -struct failed_connection_cache { - fstring domain_name; - fstring controller; - time_t lookup_time; - NTSTATUS nt_status; - struct failed_connection_cache *prev, *next; -}; - -static struct failed_connection_cache *failed_connection_cache; - -/********************************************************************** - Check for a previously failed connection -**********************************************************************/ - -static NTSTATUS check_negative_conn_cache( const char *domain, const char *server ) -{ - struct failed_connection_cache *fcc; - NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - - /* can't check if we don't have strings */ - - if ( !domain || !server ) - return NT_STATUS_OK; - - for (fcc = failed_connection_cache; fcc; fcc = fcc->next) { - - /* - * we have a match IFF the domain and server name matches - * (a) the domain matches, - * (b) the IP address matches (if we have one) - * (c) the server name (if specified) matches - */ - - if ( !strequal(domain, fcc->domain_name) || !strequal(server, fcc->controller) ) - continue; /* no match; check the next entry */ - - /* we have a match so see if it is still current */ - - if ((time(NULL) - fcc->lookup_time) > FAILED_CONNECTION_CACHE_TIMEOUT) - { - /* Cache entry has expired, delete it */ - - DEBUG(10, ("check_negative_conn_cache: cache entry expired for %s, %s\n", - domain, server )); - - DLIST_REMOVE(failed_connection_cache, fcc); - SAFE_FREE(fcc); - - return NT_STATUS_OK; - } - - /* The timeout hasn't expired yet so return false */ - - DEBUG(10, ("check_negative_conn_cache: returning negative entry for %s, %s\n", - domain, server )); - - result = fcc->nt_status; - return result; - } - - /* end of function means no cache entry */ - return NT_STATUS_OK; -} - -/********************************************************************** - Add an entry to the failed conneciton cache -**********************************************************************/ - -void add_failed_connection_entry(const char *domain, const char *server, NTSTATUS result) -{ - struct failed_connection_cache *fcc; - - SMB_ASSERT(!NT_STATUS_IS_OK(result)); - - /* Check we already aren't in the cache. We always have to have - a domain, but maybe not a specific DC name. */ - - for (fcc = failed_connection_cache; fcc; fcc = fcc->next) { - if ( strequal(fcc->domain_name, domain) && strequal(fcc->controller, server) ) - { - DEBUG(10, ("add_failed_connection_entry: domain %s (%s) already tried and failed\n", - domain, server )); - return; - } - } - - /* Create negative lookup cache entry for this domain and controller */ - - if ( !(fcc = (struct failed_connection_cache *)malloc(sizeof(struct failed_connection_cache))) ) - { - DEBUG(0, ("malloc failed in add_failed_connection_entry!\n")); - return; - } - - ZERO_STRUCTP(fcc); - - fstrcpy( fcc->domain_name, domain ); - fstrcpy( fcc->controller, server ); - fcc->lookup_time = time(NULL); - fcc->nt_status = result; - - DEBUG(10,("add_failed_connection_entry: added domain %s (%s) to failed conn cache\n", - domain, server )); - - DLIST_ADD(failed_connection_cache, fcc); -} - -/**************************************************************************** -****************************************************************************/ - -void flush_negative_conn_cache( void ) -{ - struct failed_connection_cache *fcc; - - fcc = failed_connection_cache; - - while (fcc) { - struct failed_connection_cache *fcc_next; - - fcc_next = fcc->next; - DLIST_REMOVE(failed_connection_cache, fcc); - free(fcc); - - fcc = fcc_next; - } - -} - /**************************************************************************** Utility function to return the name of a DC. The name is guaranteed to be valid since we have already done a name_status_find on it @@ -162,9 +31,9 @@ void flush_negative_conn_cache( void ) BOOL rpc_dc_name(const char *domain, fstring srv_name, struct in_addr *ip_out) { - struct in_addr *ip_list = NULL, dc_ip, exclude_ip; + struct ip_service *ip_list = NULL; + struct in_addr dc_ip, exclude_ip; int count, i; - BOOL list_ordered; BOOL use_pdc_only; NTSTATUS result; @@ -181,7 +50,7 @@ BOOL rpc_dc_name(const char *domain, fstring srv_name, struct in_addr *ip_out) /* check the connection cache and perform the node status lookup only if the IP is not found to be bad */ - if (name_status_find(domain, 0x1c, 0x20, dc_ip, srv_name) ) { + if (name_status_find(domain, 0x1b, 0x20, dc_ip, srv_name) ) { result = check_negative_conn_cache( domain, srv_name ); if ( NT_STATUS_IS_OK(result) ) goto done; @@ -192,7 +61,7 @@ BOOL rpc_dc_name(const char *domain, fstring srv_name, struct in_addr *ip_out) /* get a list of all domain controllers */ - if (!get_dc_list( domain, &ip_list, &count, &list_ordered) ) { + if ( !get_sorted_dc_list(domain, &ip_list, &count, False) ) { DEBUG(3, ("Could not look up dc's for domain %s\n", domain)); return False; } @@ -201,25 +70,19 @@ BOOL rpc_dc_name(const char *domain, fstring srv_name, struct in_addr *ip_out) if ( use_pdc_only ) { for (i = 0; i < count; i++) { - if (ip_equal( exclude_ip, ip_list[i])) - zero_ip(&ip_list[i]); + if (ip_equal( exclude_ip, ip_list[i].ip)) + zero_ip(&ip_list[i].ip); } } - /* Pick a nice close server, but only if the list was not ordered */ - - if (!list_ordered && (count > 1) ) { - qsort(ip_list, count, sizeof(struct in_addr), QSORT_CAST ip_compare); - } - for (i = 0; i < count; i++) { - if (is_zero_ip(ip_list[i])) + if (is_zero_ip(ip_list[i].ip)) continue; - if (name_status_find(domain, 0x1c, 0x20, ip_list[i], srv_name)) { + if (name_status_find(domain, 0x1c, 0x20, ip_list[i].ip, srv_name)) { result = check_negative_conn_cache( domain, srv_name ); if ( NT_STATUS_IS_OK(result) ) { - dc_ip = ip_list[i]; + dc_ip = ip_list[i].ip; goto done; } } -- cgit