From 8e17f1e9579b9171639c109be51ada9032c52df7 Mon Sep 17 00:00:00 2001
From: Alexander Bokovoy <abokovoy@redhat.com>
Date: Thu, 18 Jul 2013 17:10:01 +0300
Subject: ipa-kdb: cache KDC hostname on startup

We need KDC hostname for several purposes:
- short-circuit detection of principals on the same server as KDC
- generating NetBIOS name

Make sure we cache hostname information on startup and use it
instead of detecting the hostname in run-time. This will miss the
case that KDC hostname got changed but such cases are not supported
anyway without restarting KDC and making changes to principals.
---
 daemons/ipa-kdb/ipa_kdb.c       | 15 +++++++++++++++
 daemons/ipa-kdb/ipa_kdb.h       |  1 +
 daemons/ipa-kdb/ipa_kdb_mspac.c |  9 +++------
 3 files changed, 19 insertions(+), 6 deletions(-)

diff --git a/daemons/ipa-kdb/ipa_kdb.c b/daemons/ipa-kdb/ipa_kdb.c
index 8464264cf..51b879ca0 100644
--- a/daemons/ipa-kdb/ipa_kdb.c
+++ b/daemons/ipa-kdb/ipa_kdb.c
@@ -21,6 +21,7 @@
  */
 
 #include <talloc.h>
+#include <sys/utsname.h>
 
 #include "ipa_kdb.h"
 
@@ -46,6 +47,7 @@ static void ipadb_context_free(krb5_context kcontext,
         free((*ctx)->uri);
         free((*ctx)->base);
         free((*ctx)->realm_base);
+        free((*ctx)->kdc_hostname);
         /* ldap free lcontext */
         if ((*ctx)->lcontext) {
             ldap_unbind_ext_s((*ctx)->lcontext, NULL, NULL);
@@ -442,6 +444,7 @@ static krb5_error_code ipadb_init_module(krb5_context kcontext,
     krb5_error_code kerr;
     int ret;
     int i;
+    struct utsname uname_data;
 
     /* make sure the context is freed to avoid leaking it */
     ipactx = ipadb_get_context(kcontext);
@@ -494,6 +497,18 @@ static krb5_error_code ipadb_init_module(krb5_context kcontext,
         goto fail;
     }
 
+    ret = uname(&uname_data);
+    if (ret) {
+        ret = EINVAL;
+        goto fail;
+    }
+
+    ipactx->kdc_hostname = strdup(uname_data.nodename);
+    if (!ipactx->kdc_hostname) {
+        ret = ENOMEM;
+        goto fail;
+    }
+
     ret = ipadb_get_connection(ipactx);
     if (ret != 0) {
         /* not a fatal failure, as the LDAP server may be temporarily down */
diff --git a/daemons/ipa-kdb/ipa_kdb.h b/daemons/ipa-kdb/ipa_kdb.h
index 54869d8f9..9e8e0c6f1 100644
--- a/daemons/ipa-kdb/ipa_kdb.h
+++ b/daemons/ipa-kdb/ipa_kdb.h
@@ -92,6 +92,7 @@ struct ipadb_context {
     char *base;
     char *realm;
     char *realm_base;
+    char *kdc_hostname;
     LDAP *lcontext;
     krb5_context kcontext;
     bool override_restrictions;
diff --git a/daemons/ipa-kdb/ipa_kdb_mspac.c b/daemons/ipa-kdb/ipa_kdb_mspac.c
index 96eac6f27..d6c4f9a6a 100644
--- a/daemons/ipa-kdb/ipa_kdb_mspac.c
+++ b/daemons/ipa-kdb/ipa_kdb_mspac.c
@@ -1905,16 +1905,13 @@ done:
     return kerr;
 }
 
-static char *get_server_netbios_name(void)
+static char *get_server_netbios_name(struct ipadb_context *ipactx)
 {
     char hostname[MAXHOSTNAMELEN + 1]; /* NOTE: this is 64, too little ? */
     char *p;
     int ret;
 
-    ret = gethostname(hostname, MAXHOSTNAMELEN);
-    if (ret) {
-        return NULL;
-    }
+    strncpy(hostname, ipactx->kdc_hostname, MAXHOSTNAMELEN);
     /* May miss termination */
     hostname[MAXHOSTNAMELEN] = '\0';
     for (p = hostname; *p; p++) {
@@ -2245,7 +2242,7 @@ krb5_error_code ipadb_reinit_mspac(struct ipadb_context *ipactx)
     free(resstr);
 
     free(ipactx->mspac->flat_server_name);
-    ipactx->mspac->flat_server_name = get_server_netbios_name();
+    ipactx->mspac->flat_server_name = get_server_netbios_name(ipactx);
     if (!ipactx->mspac->flat_server_name) {
         kerr = ENOMEM;
         goto done;
-- 
cgit