IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

ipa-kdb: cache KDC hostname on startup

Browse Source 
We need KDC hostname for several purposes:
- short-circuit detection of principals on the same server as KDC
- generating NetBIOS name

Make sure we cache hostname information on startup and use it
instead of detecting the hostname in run-time. This will miss the
case that KDC hostname got changed but such cases are not supported
anyway without restarting KDC and making changes to principals.
This commit is contained in:
Alexander Bokovoy 2013-07-18 17:10:01 +03:00
parent 881290b010
commit 67bcbab897
3 changed files with 19 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
daemons/ipa-kdb/ipa_kdb.c
View File

@ -21,6 +21,7 @@
*/ */
#include <talloc.h> #include <talloc.h>
#include <sys/utsname.h>
#include "ipa_kdb.h" #include "ipa_kdb.h"
@ -46,6 +47,7 @@ static void ipadb_context_free(krb5_context kcontext,
free((*ctx)->uri); free((*ctx)->uri);
free((*ctx)->base); free((*ctx)->base);
free((*ctx)->realm_base); free((*ctx)->realm_base);
free((*ctx)->kdc_hostname);
/* ldap free lcontext */ /* ldap free lcontext */
if ((*ctx)->lcontext) { if ((*ctx)->lcontext) {
ldap_unbind_ext_s((*ctx)->lcontext, NULL, NULL); ldap_unbind_ext_s((*ctx)->lcontext, NULL, NULL);
@ -442,6 +444,7 @@ static krb5_error_code ipadb_init_module(krb5_context kcontext,
krb5_error_code kerr; krb5_error_code kerr;
int ret; int ret;
int i; int i;
struct utsname uname_data;
/* make sure the context is freed to avoid leaking it */ /* make sure the context is freed to avoid leaking it */
ipactx = ipadb_get_context(kcontext); ipactx = ipadb_get_context(kcontext);
@ -494,6 +497,18 @@ static krb5_error_code ipadb_init_module(krb5_context kcontext,
goto fail; goto fail;
} }
ret = uname(&uname_data);
if (ret) {
ret = EINVAL;
goto fail;
}
ipactx->kdc_hostname = strdup(uname_data.nodename);
if (!ipactx->kdc_hostname) {
ret = ENOMEM;
goto fail;
}
ret = ipadb_get_connection(ipactx); ret = ipadb_get_connection(ipactx);
if (ret != 0) { if (ret != 0) {
/* not a fatal failure, as the LDAP server may be temporarily down */ /* not a fatal failure, as the LDAP server may be temporarily down */

1
daemons/ipa-kdb/ipa_kdb.h
View File

@ -92,6 +92,7 @@ struct ipadb_context {
char *base; char *base;
char *realm; char *realm;
char *realm_base; char *realm_base;
char *kdc_hostname;
LDAP *lcontext; LDAP *lcontext;
krb5_context kcontext; krb5_context kcontext;
bool override_restrictions; bool override_restrictions;

9
daemons/ipa-kdb/ipa_kdb_mspac.c
View File

@ -1905,16 +1905,13 @@ done:
return kerr; return kerr;
} }
static char *get_server_netbios_name(void) static char *get_server_netbios_name(struct ipadb_context *ipactx)
{ {
char hostname[MAXHOSTNAMELEN + 1]; /* NOTE: this is 64, too little ? */ char hostname[MAXHOSTNAMELEN + 1]; /* NOTE: this is 64, too little ? */
char *p; char *p;
int ret; int ret;
ret = gethostname(hostname, MAXHOSTNAMELEN); strncpy(hostname, ipactx->kdc_hostname, MAXHOSTNAMELEN);
if (ret) {
return NULL;
}
/* May miss termination */ /* May miss termination */
hostname[MAXHOSTNAMELEN] = '\0'; hostname[MAXHOSTNAMELEN] = '\0';
for (p = hostname; *p; p++) { for (p = hostname; *p; p++) {
@ -2245,7 +2242,7 @@ krb5_error_code ipadb_reinit_mspac(struct ipadb_context *ipactx)
free(resstr); free(resstr);
free(ipactx->mspac->flat_server_name); free(ipactx->mspac->flat_server_name);
ipactx->mspac->flat_server_name = get_server_netbios_name(); ipactx->mspac->flat_server_name = get_server_netbios_name(ipactx);
if (!ipactx->mspac->flat_server_name) { if (!ipactx->mspac->flat_server_name) {
kerr = ENOMEM; kerr = ENOMEM;
goto done; goto done;