Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
Please login to access the resource
SUSE:SLE-15-SP1:GA
sssd.14586
0027-AD-use-getaddrinfo-with-AI_CANONNAME-to-fi...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0027-AD-use-getaddrinfo-with-AI_CANONNAME-to-find-the-FQD.patch of Package sssd.14586
From ff3390db7529a1ad76e25263b80463e37f555dae Mon Sep 17 00:00:00 2001 From: Samuel Cabrero <scabrero@suse.de> Date: Mon, 13 Jan 2020 13:52:34 +0100 Subject: [PATCH] AD: use getaddrinfo with AI_CANONNAME to find the FQDN In systems where gethostbyname() does not return the FQDN try calling getaddrinfo(). Signed-off-by: Samuel Cabrero <scabrero@suse.de> Reviewed-by: Sumit Bose <sbose@redhat.com> (cherry picked from commit 2143c7276c7603520e2575ef6c9d93a5fc031256) --- src/man/sssd-ad.5.xml | 14 ++++++------ src/providers/ad/ad_common.c | 42 ++++++++++++++++++++++++++++++++++++ 2 files changed, 50 insertions(+), 6 deletions(-) diff --git a/src/man/sssd-ad.5.xml b/src/man/sssd-ad.5.xml index 77d7f948b..b7f312204 100644 --- a/src/man/sssd-ad.5.xml +++ b/src/man/sssd-ad.5.xml @@ -190,15 +190,17 @@ ad_enabled_domains = sales.example.com, eng.example.com <term>ad_hostname (string)</term> <listitem> <para> - Optional. May be set on machines where the - hostname(5) does not reflect the fully qualified - name used in the Active Directory domain to - identify this host. + Optional. On machines where the hostname(5) does + not reflect the fully qualified name, sssd will try + to expand the short name. If it is not possible or + the short name should be really used instead, set + this parameter explicitly. </para> <para> This field is used to determine the host principal - in use in the keytab. It must match the hostname - for which the keytab was issued. + in use in the keytab and to perform dynamic DNS + updates. It must match the hostname for which the + keytab was issued. </para> </listitem> </varlistentry> diff --git a/src/providers/ad/ad_common.c b/src/providers/ad/ad_common.c index 2a1647173..1708ca01f 100644 --- a/src/providers/ad/ad_common.c +++ b/src/providers/ad/ad_common.c @@ -398,6 +398,34 @@ ad_create_1way_trust_options(TALLOC_CTX *mem_ctx, return ad_options; } +static errno_t +ad_try_to_get_fqdn(const char *hostname, + char *buf, + size_t buflen) +{ + int ret; + struct addrinfo *res; + struct addrinfo hints; + + memset(&hints, 0, sizeof(struct addrinfo)); + hints.ai_socktype = SOCK_DGRAM; + hints.ai_flags = AI_CANONNAME; + + ret = getaddrinfo(hostname, NULL, &hints, &res); + if (ret != 0) { + DEBUG(SSSDBG_CRIT_FAILURE, + "getaddrinfo failed: %s\n", + gai_strerror(ret)); + return ret; + } + + strncpy(buf, res->ai_canonname, buflen); + + freeaddrinfo(res); + + return EOK; +} + errno_t ad_get_common_options(TALLOC_CTX *mem_ctx, struct confdb_ctx *cdb, @@ -413,6 +441,7 @@ ad_get_common_options(TALLOC_CTX *mem_ctx, char *realm; char *ad_hostname; char hostname[HOST_NAME_MAX + 1]; + char fqdn[HOST_NAME_MAX + 1]; char *case_sensitive_opt; const char *opt_override; @@ -460,6 +489,19 @@ ad_get_common_options(TALLOC_CTX *mem_ctx, goto done; } hostname[HOST_NAME_MAX] = '\0'; + + if (strchr(hostname, '.') == NULL) { + ret = ad_try_to_get_fqdn(hostname, fqdn, sizeof(fqdn)); + if (ret == EOK) { + DEBUG(SSSDBG_CONF_SETTINGS, + "The hostname [%s] has been expanded to FQDN [%s]. " + "If sssd should really use the short hostname, please " + "set ad_hostname explicitly.\n", hostname, fqdn); + strncpy(hostname, fqdn, sizeof(hostname)); + hostname[HOST_NAME_MAX] = '\0'; + } + } + DEBUG(SSSDBG_CONF_SETTINGS, "Setting ad_hostname to [%s].\n", hostname); ret = dp_opt_set_string(opts->basic, AD_HOSTNAME, hostname); -- 2.25.1
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor