Attachment 16033 Details for Bug 13124 – fix for 4.11, cherry-picked from master

[patch] fix for 4.11, cherry-picked from master

fix-bug-13124_4-11.patch (text/plain), 2.89 KB, created by Björn Baumbach on 2020-06-11 13:08:41 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Björn Baumbach

Created: 2020-06-11 13:08:41 UTC

Size: 2.89 KB

patch

obsolete

>From 6982bad11a9cabe91bc17841a697a2ea7d21c2ad Mon Sep 17 00:00:00 2001
>From: =?UTF-8?q?Bj=C3=B6rn=20Baumbach?= <bb@sernet.de>
>Date: Mon, 10 Feb 2020 19:19:44 +0100
>Subject: [PATCH 1/2] s3-libads: use dns name to open a ldap session
>MIME-Version: 1.0
>Content-Type: text/plain; charset=UTF-8
>Content-Transfer-Encoding: 8bit
>
>Required for working certificate verification.
>
>Bug: https://bugzilla.samba.org/show_bug.cgi?id=13124
>Signed-off-by: BjÃ¶rn Baumbach <bb@sernet.de>
>Reviewed-by: Bjoern Jacke <bjacke@samba.org>
>
>Autobuild-User(master): BjÃ¶rn Baumbach <bb@sernet.de>
>Autobuild-Date(master): Thu Mar  5 12:29:26 UTC 2020 on sn-devel-184
>
>(cherry picked from commit e45e0912d99335f4feec7f937180ea21f7f62a72)
>---
> source3/libads/ldap.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
>diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c
>index 8ad76ed0ae9..8adfb15fb55 100644
>--- a/source3/libads/ldap.c
>+++ b/source3/libads/ldap.c
>@@ -669,7 +669,7 @@ got_connection:
> 
> 	/* Otherwise setup the TCP LDAP session */
> 
>-	ads->ldap.ld = ldap_open_with_timeout(addr,
>+	ads->ldap.ld = ldap_open_with_timeout(ads->config.ldap_server_name,
> 					      &ads->ldap.ss,
> 					      ads->ldap.port, lp_ldap_timeout());
> 	if (ads->ldap.ld == NULL) {
>-- 
>2.26.2
>
>
>From f5b83cb2c1fdc3b76b0723b2ab6c25337167947f Mon Sep 17 00:00:00 2001
>From: =?UTF-8?q?Bj=C3=B6rn=20Baumbach?= <bb@sernet.de>
>Date: Wed, 3 Jun 2020 19:40:59 +0200
>Subject: [PATCH 2/2] s3-libads: use ldap_init_fd() to initialize a ldap
> session if possible
>MIME-Version: 1.0
>Content-Type: text/plain; charset=UTF-8
>Content-Transfer-Encoding: 8bit
>
>Use the known ip address of the ldap server to open the connection and
>initialize the ldap session with ldap_init_fd().
>
>This avoid unnecessary DNS lookups which might block or prevent the
>successful connection.
>
>Bug: https://bugzilla.samba.org/show_bug.cgi?id=13124
>
>Signed-off-by: BjÃ¶rn Baumbach <bb@sernet.de>
>Reviewed-by: Stefan Metzmacher <metze@samba.org>
>Reviewed-by: Andrew Bartlett <abartlet@samba.org>
>(cherry picked from commit c8080bbd708eaa3212fa516861ac9e3b267989a0)
>---
> source3/libads/ldap.c | 18 +++++++++++++++++-
> 1 file changed, 17 insertions(+), 1 deletion(-)
>
>diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c
>index 8adfb15fb55..b071f2c2733 100644
>--- a/source3/libads/ldap.c
>+++ b/source3/libads/ldap.c
>@@ -92,7 +92,23 @@ static void gotalarm_sig(int signum)
> 		return NULL;
> 	}
> 
>-#ifdef HAVE_LDAP_INITIALIZE
>+#ifdef HAVE_LDAP_INIT_FD
>+	{
>+		int fd = -1;
>+		NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
>+
>+		status = open_socket_out(ss, port, to, &fd);
>+		if (!NT_STATUS_IS_OK(status)) {
>+			return NULL;
>+		}
>+
>+/* define LDAP_PROTO_TCP from openldap.h if required */
>+#ifndef LDAP_PROTO_TCP
>+#define LDAP_PROTO_TCP 1
>+#endif
>+		ldap_err = ldap_init_fd(fd, LDAP_PROTO_TCP, uri, &ldp);
>+	}
>+#elif defined(HAVE_LDAP_INITIALIZE)
> 	ldap_err = ldap_initialize(&ldp, uri);
> #else
> 	ldp = ldap_open(server, port);
>-- 
>2.26.2
>

Flags:

abartlet: review+
iboukris: review-
bbaumbach: ci-passed+

Actions: View

Attachments on bug 13124: 16030 | 16031 | 16032 | 16033 | 16357 | 16358