ipa-kdb: cache KDC hostname on startup

We need KDC hostname for several purposes: - short-circuit detection of principals on the same server as KDC - generating NetBIOS name Make sure we cache hostname information on startup and use it instead of detecting the hostname in run-time. This will miss the case that KDC hostname got changed but such cases are not supported anyway without restarting KDC and making changes to principals.
2025-02-25 18:55:28 -06:00 · 2013-07-18 17:10:01 +03:00 · 2013-07-18 17:10:01 +03:00 · 67bcbab897
commit 67bcbab897
parent 881290b010
3 changed files with 19 additions and 6 deletions
--- a/daemons/ipa-kdb/ipa_kdb.c
+++ b/daemons/ipa-kdb/ipa_kdb.c
@ -21,6 +21,7 @@
 */

 #include <talloc.h>
+#include <sys/utsname.h>

 #include "ipa_kdb.h"

@ -46,6 +47,7 @@ static void ipadb_context_free(krb5_context kcontext,
        free((*ctx)->uri);
        free((*ctx)->base);
        free((*ctx)->realm_base);
+        free((*ctx)->kdc_hostname);
        /* ldap free lcontext */
        if ((*ctx)->lcontext) {
            ldap_unbind_ext_s((*ctx)->lcontext, NULL, NULL);
@ -442,6 +444,7 @@ static krb5_error_code ipadb_init_module(krb5_context kcontext,
    krb5_error_code kerr;
    int ret;
    int i;
+    struct utsname uname_data;

    /* make sure the context is freed to avoid leaking it */
    ipactx = ipadb_get_context(kcontext);
@ -494,6 +497,18 @@ static krb5_error_code ipadb_init_module(krb5_context kcontext,
        goto fail;
    }

+    ret = uname(&uname_data);
+    if (ret) {
+        ret = EINVAL;
+        goto fail;
+    }
+
+    ipactx->kdc_hostname = strdup(uname_data.nodename);
+    if (!ipactx->kdc_hostname) {
+        ret = ENOMEM;
+        goto fail;
+    }
+
    ret = ipadb_get_connection(ipactx);
    if (ret != 0) {
        /* not a fatal failure, as the LDAP server may be temporarily down */
--- a/daemons/ipa-kdb/ipa_kdb.h
+++ b/daemons/ipa-kdb/ipa_kdb.h
@ -92,6 +92,7 @@ struct ipadb_context {
    char *base;
    char *realm;
    char *realm_base;
+    char *kdc_hostname;
    LDAP *lcontext;
    krb5_context kcontext;
    bool override_restrictions;
--- a/daemons/ipa-kdb/ipa_kdb_mspac.c
+++ b/daemons/ipa-kdb/ipa_kdb_mspac.c
@ -1905,16 +1905,13 @@ done:
    return kerr;
 }

-static char *get_server_netbios_name(void)
+static char *get_server_netbios_name(struct ipadb_context *ipactx)
 {
    char hostname[MAXHOSTNAMELEN + 1]; /* NOTE: this is 64, too little ? */
    char *p;
    int ret;

-    ret = gethostname(hostname, MAXHOSTNAMELEN);
-    if (ret) {
-        return NULL;
-    }
+    strncpy(hostname, ipactx->kdc_hostname, MAXHOSTNAMELEN);
    /* May miss termination */
    hostname[MAXHOSTNAMELEN] = '\0';
    for (p = hostname; *p; p++) {
@ -2245,7 +2242,7 @@ krb5_error_code ipadb_reinit_mspac(struct ipadb_context *ipactx)
    free(resstr);

    free(ipactx->mspac->flat_server_name);
-    ipactx->mspac->flat_server_name = get_server_netbios_name();
+    ipactx->mspac->flat_server_name = get_server_netbios_name(ipactx);
    if (!ipactx->mspac->flat_server_name) {
        kerr = ENOMEM;
        goto done;