Bug 11284 - Discovering DCs via CLDAP fails to traverse all returned addresses when some of them unreachable
Summary: Discovering DCs via CLDAP fails to traverse all returned addresses when some ...
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: Other (show other bugs)
Version: 4.2.1
Hardware: All All
: P5 normal (vote)
Target Milestone: ---
Assignee: Karolin Seeger
QA Contact: Samba QA Contact
Depends on:
Blocks: 9618
  Show dependency treegraph
Reported: 2015-05-20 16:28 UTC by Alexander Bokovoy
Modified: 2015-05-24 18:43 UTC (History)
2 users (show)

See Also:

Proposed patch (4.46 KB, patch)
2015-05-20 16:29 UTC, Alexander Bokovoy
ab: review? (metze)
Patch for v4-2-test (4.58 KB, patch)
2015-05-20 22:22 UTC, Stefan Metzmacher
ab: review+
Patch for v4-1-test (4.58 KB, patch)
2015-05-20 22:24 UTC, Stefan Metzmacher
ab: review+

Note You need to log in before you can comment on or make changes to this bug.
Description Alexander Bokovoy 2015-05-20 16:28:37 UTC
The following Python code fails to loook through all AD DCs advertised in the SRV DNS records:

      netrc = net.Net(creds=self._creds, lp=self._parm)
        finddc_error = None
        result = None
            result = netrc.finddc(domain=domain, flags=nbt.NBT_SERVER_LDAP | nbt.NBT_SERVER_GC | nbt.NBT_SERVER_CLOSEST)
        except RuntimeError, e:
                # If search of closest GC failed, attempt to find any one
                result = netrc.finddc(domain=domain, flags=nbt.NBT_SERVER_LDAP | nbt.NBT_SERVER_GC)
            except RuntimeError, e:
                finddc_error = e

The reason why it fails, is because out of, say, 4 addresses, two are IPv6 and IPv6 networking is not fully configured -- IPv6 stack is enabled but not really routed, and the code in finddcs_cldap.c does not handle the failure of creating a socket or sending the CLDAP ping and never getting to the reply.
Comment 1 Alexander Bokovoy 2015-05-20 16:29:59 UTC
Created attachment 11074 [details]
Proposed patch

Proposed patch attached. Note that the bug https://bugzilla.samba.org/show_bug.cgi?id=9618 may have a similar cause.
Comment 2 Stefan Metzmacher 2015-05-20 22:22:43 UTC
Created attachment 11076 [details]
Patch for v4-2-test
Comment 3 Stefan Metzmacher 2015-05-20 22:24:04 UTC
Created attachment 11077 [details]
Patch for v4-1-test
Comment 4 Alexander Bokovoy 2015-05-21 03:35:29 UTC
Comment on attachment 11076 [details]
Patch for v4-2-test

Looks fine.
Comment 5 Alexander Bokovoy 2015-05-21 03:36:24 UTC
Comment on attachment 11077 [details]
Patch for v4-1-test

Looks fine as well
Comment 6 Jeremy Allison 2015-05-21 06:54:23 UTC
Re-assigning to Karolin for inclusion in 4.2.next, 4.1.next.
Comment 7 Karolin Seeger 2015-05-21 12:47:39 UTC
Pushed to autobuild-v4-[1|2]-test.
Comment 8 Karolin Seeger 2015-05-24 18:43:52 UTC
(In reply to Karolin Seeger from comment #7)
Pushed to both branches.
Closing out bug report.