libads: change netlogon_pings() behaviour wrt to min_servers parameter

Currently if a caller passes min_servers=X with X>1, netlogon_pings() will fail
if it can't contact X DCs. This is not really what we want. What we want is: we
want at least one DC, and up to X.

Change implemenentation in that sense and rename the min_servers argument to
wanted_servers to express this behaviour change.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15844

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Wed Aug 13 19:31:10 UTC 2025 on atb-devel-224

diff --git a/source3/libads/cldap.c b/source3/libads/cldap.c
index 96d602d9feb393d3663acdd6894996a92472e486..fdb78454141eb110d2aa725785142cf3f3b87946 100644 (file)
--- a/source3/libads/cldap.c
+++ b/source3/libads/cldap.c
@@ -69,7 +69,7 @@ static bool ads_cldap_netlogon(TALLOC_CTX *mem_ctx,
                        .acct_ctrl = -1,
                        .required_flags = required_flags,
                },
-               1,                                  /* min_servers */
+               1,                                  /* wanted_servers */
                timeval_current_ofs(MAX(3, lp_ldap_timeout() / 2), 0),
                &responses);
        if (!NT_STATUS_IS_OK(status)) {

diff --git a/source3/libads/kerberos.c b/source3/libads/kerberos.c
index deafe1c4fce93a0cbfac31058aea16e47435a2ba..d8325201b2f8e6fd9d80273d9edf430c21f6ccb9 100644 (file)
--- a/source3/libads/kerberos.c
+++ b/source3/libads/kerberos.c
@@ -1225,7 +1225,7 @@ static char *get_kdc_ip_string(char *mem_ctx,
                                        .acct_ctrl = -1,
                                        .required_flags = DS_KDC_REQUIRED,
                                },
-                               MIN(num_dcs, 3),           /* min_servers */
+                               MIN(num_dcs, 3),           /* wanted_servers */
                                timeval_current_ofs(3, 0), /* timeout */
                                &responses);
        TALLOC_FREE(dc_addrs2);

diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c
index af467cfe390f2d3912e826f09ab2f3b6ef61d357..49fa1d47298ee369d9401854fc5ec7ea03575b6c 100644 (file)
--- a/source3/libads/ldap.c
+++ b/source3/libads/ldap.c
@@ -501,7 +501,7 @@ again:
                                        .required_flags = ads->config.flags |
                                                          DS_ONLY_LDAP_NEEDED,
                                },
-                               1,       /* min_servers */
+                               1,       /* wanted_servers */
                                endtime, /* timeout */
                                &responses);
        if (!NT_STATUS_IS_OK(status)) {

diff --git a/source3/libads/netlogon_ping.c b/source3/libads/netlogon_ping.c
index 76263a72d715624de8b4b1dcd6e6482b94744d3a..c65244dd87612e3737669b7609c02849a2bb5048 100644 (file)
--- a/source3/libads/netlogon_ping.c
+++ b/source3/libads/netlogon_ping.c
@@ -588,7 +588,7 @@ struct netlogon_pings_state {
 
        struct tsocket_address **servers;
        size_t num_servers;
-       size_t min_servers;
+       size_t wanted_servers;
        struct timeval timeout;
        enum client_netlogon_ping_protocol proto;
        uint32_t required_flags;
@@ -610,7 +610,7 @@ struct tevent_req *netlogon_pings_send(TALLOC_CTX *mem_ctx,
                                       struct tsocket_address **servers,
                                       size_t num_servers,
                                       struct netlogon_ping_filter filter,
-                                      size_t min_servers,
+                                      size_t wanted_servers,
                                       struct timeval timeout)
 {
        struct tevent_req *req = NULL;
@@ -626,7 +626,7 @@ struct tevent_req *netlogon_pings_send(TALLOC_CTX *mem_ctx,
        state->proto = proto;
        state->servers = servers;
        state->num_servers = num_servers;
-       state->min_servers = min_servers;
+       state->wanted_servers = wanted_servers;
        state->timeout = timeout;
        state->required_flags = filter.required_flags;
 
@@ -685,7 +685,7 @@ struct tevent_req *netlogon_pings_send(TALLOC_CTX *mem_ctx,
        }
        state->filter = filter_str;
 
-       for (i = 0; i < min_servers; i++) {
+       for (i = 0; i < wanted_servers; i++) {
                state->reqs[i] = netlogon_ping_send(state->reqs,
                                                    state->ev,
                                                    state->servers[i],
@@ -699,7 +699,7 @@ struct tevent_req *netlogon_pings_send(TALLOC_CTX *mem_ctx,
                                        netlogon_pings_done,
                                        req);
        }
-       state->num_sent = min_servers;
+       state->num_sent = wanted_servers;
        if (state->num_sent < state->num_servers) {
                /*
                 * After 100 milliseconds fire the next one
@@ -818,7 +818,7 @@ static void netlogon_pings_done(struct tevent_req *subreq)
                }
        }
 
-       if (state->num_good_received >= state->min_servers) {
+       if (state->num_good_received >= state->wanted_servers) {
                tevent_req_done(req);
                return;
        }
@@ -828,8 +828,13 @@ static void netlogon_pings_done(struct tevent_req *subreq)
                 */
                return;
        }
+       if (state->num_good_received == 1) {
+               /* We require at least one DC */
+               tevent_req_done(req);
+               return;
+       }
        /*
-        * Everybody replied, but we did not get enough good
+        * Everybody replied, but we did not get a single good
         * answers (see above)
         */
        tevent_req_nterror(req, NT_STATUS_NOT_FOUND);
@@ -857,7 +862,7 @@ NTSTATUS netlogon_pings(TALLOC_CTX *mem_ctx,
                        struct tsocket_address **servers,
                        int num_servers,
                        struct netlogon_ping_filter filter,
-                       int min_servers,
+                       int wanted_servers,
                        struct timeval timeout,
                        struct netlogon_samlogon_response ***responses)
 {
@@ -876,7 +881,7 @@ NTSTATUS netlogon_pings(TALLOC_CTX *mem_ctx,
                                  servers,
                                  num_servers,
                                  filter,
-                                 min_servers,
+                                 wanted_servers,
                                  timeout);
        if (req == NULL) {
                goto fail;

diff --git a/source3/libads/netlogon_ping.h b/source3/libads/netlogon_ping.h
index d50c0a4793683b271ec3f5c1715ab0971b7eedd0..6063c4e8a280556ca4a47d78428f36b930d77775 100644 (file)
--- a/source3/libads/netlogon_ping.h
+++ b/source3/libads/netlogon_ping.h
@@ -45,7 +45,7 @@ struct tevent_req *netlogon_pings_send(TALLOC_CTX *mem_ctx,
                                       struct tsocket_address **servers,
                                       size_t num_servers,
                                       struct netlogon_ping_filter filter,
-                                      size_t min_servers,
+                                      size_t wanted_servers,
                                       struct timeval timeout);
 NTSTATUS netlogon_pings_recv(struct tevent_req *req,
                             TALLOC_CTX *mem_ctx,
@@ -55,7 +55,7 @@ NTSTATUS netlogon_pings(TALLOC_CTX *mem_ctx,
                        struct tsocket_address **servers,
                        int num_servers,
                        struct netlogon_ping_filter filter,
-                       int min_servers,
+                       int wanted_servers,
                        struct timeval timeout,
                        struct netlogon_samlogon_response ***responses);
 

diff --git a/source3/libsmb/dsgetdcname.c b/source3/libsmb/dsgetdcname.c
index 695f0c38d851d74cc9d162bffc62bb78747d4246..97633317903e2a3e774fa1dc9fff29fb9d33c5bc 100644 (file)
--- a/source3/libsmb/dsgetdcname.c
+++ b/source3/libsmb/dsgetdcname.c
@@ -871,7 +871,7 @@ static NTSTATUS process_dc_dns(TALLOC_CTX *mem_ctx,
                        .domain = domain_name,
                        .required_flags = flags,
                },
-               1, /* min_servers */
+               1, /* wanted_servers */
                timeval_current_ofs(MAX(3, lp_ldap_timeout() / 2), 0),
                &responses);
 

diff --git a/source4/libnet/libnet_site.c b/source4/libnet/libnet_site.c
index 9ee51f3ee86370ff8675b6835e8d4b64de9a7687..d60dc9846b188a89b41a005ebcaa58f0860f2d05 100644 (file)
--- a/source4/libnet/libnet_site.c
+++ b/source4/libnet/libnet_site.c
@@ -74,7 +74,7 @@ NTSTATUS libnet_FindSite(TALLOC_CTX *ctx, struct libnet_context *lctx, struct li
                                                     NETLOGON_NT_VERSION_5EX,
                                        .acct_ctrl = -1,
                                },
-                               1, /* min_servers */
+                               1, /* wanted_servers */
                                tevent_timeval_current_ofs(2, 0), /* timeout */
                                &responses);
 

diff --git a/source4/torture/rpc/lsa.c b/source4/torture/rpc/lsa.c
index bac0f29695e4da95ad6d7b014fc724ff2525416c..3fbbd0ccafb91ecf4f52ab8a1c120c9ef25645ee 100644 (file)
--- a/source4/torture/rpc/lsa.c
+++ b/source4/torture/rpc/lsa.c
@@ -4456,7 +4456,7 @@ static bool check_dom_trust_pw(struct dcerpc_pipe *p,
                                                             : ACB_DOMTRUST,
                                        .user = account,
                                },
-                               1, /* min_servers */
+                               1, /* wanted_servers */
                                tevent_timeval_current_ofs(2, 0), /* timeout */
                                &responses);
        torture_assert_ntstatus_ok(tctx, status, "netlogon_pings");