A combined make test

Volker Lendecke Volker.Lendecke at SerNet.DE
Sat Apr 16 07:58:51 MDT 2011 

On Sat, Apr 16, 2011 at 08:08:13PM +1000, Andrew Bartlett wrote:
> The main issue I foresee is ensuring that Samba3 does not make any DNS
> lookups, and to constrain the LDAP and Kerberos traffic.  Kerberos

Attached find two patches which I use when testing net ads
join and winbind on a system with broken DNS. Maybe that
gets you a little step further towards that goal.

Volker

-- 
SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-370000-0, fax: +49-551-370000-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
-------------- next part --------------
>From ddeabbc173a447fb82bdaf797435734698f4653f Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Sat, 26 Feb 2011 17:43:21 +0100
Subject: [PATCH 1/2] s3: Avoid a second DNS lookup in ads_connect

We already have the server's address.
---
 source3/libads/ldap.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c
index 3ce7a7e..7e49303 100644
--- a/source3/libads/ldap.c
+++ b/source3/libads/ldap.c
@@ -685,7 +685,7 @@ got_connection:
 
 	/* Otherwise setup the TCP LDAP session */
 
-	ads->ldap.ld = ldap_open_with_timeout(ads->config.ldap_server_name,
+	ads->ldap.ld = ldap_open_with_timeout(addr,
 					      ads->ldap.port, lp_ldap_timeout());
 	if (ads->ldap.ld == NULL) {
 		status = ADS_ERROR(LDAP_OPERATIONS_ERROR);
-- 
1.7.0.4


>From 10fca0562cf2eab93150e6c3e2651391385f552c Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Sun, 27 Feb 2011 19:21:17 +0100
Subject: [PATCH 2/2] s3: Avoid some dns calls by saving the dc name/ip when we find it

---
 source3/libsmb/namequery_dc.c |    7 +++++++
 1 files changed, 7 insertions(+), 0 deletions(-)

diff --git a/source3/libsmb/namequery_dc.c b/source3/libsmb/namequery_dc.c
index 39b780c..5554a39 100644
--- a/source3/libsmb/namequery_dc.c
+++ b/source3/libsmb/namequery_dc.c
@@ -147,6 +147,13 @@ static bool ads_dc_name(const char *domain,
 	DEBUG(4,("ads_dc_name: using server='%s' IP=%s\n",
 		 srv_name, addr));
 
+	if (!is_zero_addr(dc_ss) && dc_ss->ss_family == AF_INET) {
+		struct ip_service ips;
+		ips.ss = *dc_ss;
+		ips.port = ((struct sockaddr_in *)dc_ss)->sin_port;
+		namecache_store(srv_name, 0x20, 1, &ips);
+	}
+
 	return True;
 }
 
-- 
1.7.0.4

More information about the samba-technical mailing list