diff options
| author | Alexander Bokovoy <abokovoy@redhat.com> | 2013-07-18 17:10:01 +0300 |
|---|---|---|
| committer | Alexander Bokovoy <abokovoy@redhat.com> | 2013-07-18 17:16:48 +0300 |
| commit | 8e17f1e9579b9171639c109be51ada9032c52df7 (patch) | |
| tree | ec32b4f0273e1e71817c10f1d52a84e86dfad7ad | |
| parent | e375aca57cfea570e2b92d7f555bda6267d05d7a (diff) | |
| download | freeipa-8e17f1e9579b9171639c109be51ada9032c52df7.tar.gz freeipa-8e17f1e9579b9171639c109be51ada9032c52df7.tar.xz freeipa-8e17f1e9579b9171639c109be51ada9032c52df7.zip | |
ipa-kdb: cache KDC hostname on startup
We need KDC hostname for several purposes:
- short-circuit detection of principals on the same server as KDC
- generating NetBIOS name
Make sure we cache hostname information on startup and use it
instead of detecting the hostname in run-time. This will miss the
case that KDC hostname got changed but such cases are not supported
anyway without restarting KDC and making changes to principals.
| -rw-r--r-- | daemons/ipa-kdb/ipa_kdb.c | 15 | ||||
| -rw-r--r-- | daemons/ipa-kdb/ipa_kdb.h | 1 | ||||
| -rw-r--r-- | daemons/ipa-kdb/ipa_kdb_mspac.c | 9 |
3 files changed, 19 insertions, 6 deletions
diff --git a/daemons/ipa-kdb/ipa_kdb.c b/daemons/ipa-kdb/ipa_kdb.c index 8464264cf..51b879ca0 100644 --- a/daemons/ipa-kdb/ipa_kdb.c +++ b/daemons/ipa-kdb/ipa_kdb.c @@ -21,6 +21,7 @@ */ #include <talloc.h> +#include <sys/utsname.h> #include "ipa_kdb.h" @@ -46,6 +47,7 @@ static void ipadb_context_free(krb5_context kcontext, free((*ctx)->uri); free((*ctx)->base); free((*ctx)->realm_base); + free((*ctx)->kdc_hostname); /* ldap free lcontext */ if ((*ctx)->lcontext) { ldap_unbind_ext_s((*ctx)->lcontext, NULL, NULL); @@ -442,6 +444,7 @@ static krb5_error_code ipadb_init_module(krb5_context kcontext, krb5_error_code kerr; int ret; int i; + struct utsname uname_data; /* make sure the context is freed to avoid leaking it */ ipactx = ipadb_get_context(kcontext); @@ -494,6 +497,18 @@ static krb5_error_code ipadb_init_module(krb5_context kcontext, goto fail; } + ret = uname(&uname_data); + if (ret) { + ret = EINVAL; + goto fail; + } + + ipactx->kdc_hostname = strdup(uname_data.nodename); + if (!ipactx->kdc_hostname) { + ret = ENOMEM; + goto fail; + } + ret = ipadb_get_connection(ipactx); if (ret != 0) { /* not a fatal failure, as the LDAP server may be temporarily down */ diff --git a/daemons/ipa-kdb/ipa_kdb.h b/daemons/ipa-kdb/ipa_kdb.h index 54869d8f9..9e8e0c6f1 100644 --- a/daemons/ipa-kdb/ipa_kdb.h +++ b/daemons/ipa-kdb/ipa_kdb.h @@ -92,6 +92,7 @@ struct ipadb_context { char *base; char *realm; char *realm_base; + char *kdc_hostname; LDAP *lcontext; krb5_context kcontext; bool override_restrictions; diff --git a/daemons/ipa-kdb/ipa_kdb_mspac.c b/daemons/ipa-kdb/ipa_kdb_mspac.c index 96eac6f27..d6c4f9a6a 100644 --- a/daemons/ipa-kdb/ipa_kdb_mspac.c +++ b/daemons/ipa-kdb/ipa_kdb_mspac.c @@ -1905,16 +1905,13 @@ done: return kerr; } -static char *get_server_netbios_name(void) +static char *get_server_netbios_name(struct ipadb_context *ipactx) { char hostname[MAXHOSTNAMELEN + 1]; /* NOTE: this is 64, too little ? */ char *p; int ret; - ret = gethostname(hostname, MAXHOSTNAMELEN); - if (ret) { - return NULL; - } + strncpy(hostname, ipactx->kdc_hostname, MAXHOSTNAMELEN); /* May miss termination */ hostname[MAXHOSTNAMELEN] = '\0'; for (p = hostname; *p; p++) { @@ -2245,7 +2242,7 @@ krb5_error_code ipadb_reinit_mspac(struct ipadb_context *ipactx) free(resstr); free(ipactx->mspac->flat_server_name); - ipactx->mspac->flat_server_name = get_server_netbios_name(); + ipactx->mspac->flat_server_name = get_server_netbios_name(ipactx); if (!ipactx->mspac->flat_server_name) { kerr = ENOMEM; goto done; |