winbindd: do an early exit in cm_open_connection()

Best viewed with git show -w. No change in behaviour.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c
index e774bf90511ff99ae1c12469ae59758bad09c99f..250465fcdeafd3c0f9bcd65bf32bc615ad8015d1 100644 (file)
--- a/source3/winbindd/winbindd_cm.c
+++ b/source3/winbindd/winbindd_cm.c
@@ -1727,43 +1727,43 @@ static NTSTATUS cm_open_connection(struct winbindd_domain *domain,
                        break;
        }
 
-       if (NT_STATUS_IS_OK(result)) {
-               bool seal_pipes = true;
+       if (!NT_STATUS_IS_OK(result)) {
+               /* Ensure we setup the retry handler. */
+               set_domain_offline(domain);
+               goto out;
+       }
 
-               winbindd_set_locator_kdc_envs(domain);
+       winbindd_set_locator_kdc_envs(domain);
 
-               if (domain->online == False) {
-                       /* We're changing state from offline to online. */
-                       set_global_winbindd_state_online();
-               }
-               set_domain_online(domain);
+       if (domain->online == False) {
+               /* We're changing state from offline to online. */
+               set_global_winbindd_state_online();
+       }
+       set_domain_online(domain);
 
-               /*
-                * Much as I hate global state, this seems to be the point
-                * where we can be certain that we have a proper connection to
-                * a DC. wbinfo --dc-info needs that information, store it in
-                * gencache with a looong timeout. This will need revisiting
-                * once we start to connect to multiple DCs, wbcDcInfo is
-                * already prepared for that.
-                */
-               store_current_dc_in_gencache(domain->name, domain->dcname,
-                                            new_conn->cli);
+       /*
+        * Much as I hate global state, this seems to be the point
+        * where we can be certain that we have a proper connection to
+        * a DC. wbinfo --dc-info needs that information, store it in
+        * gencache with a looong timeout. This will need revisiting
+        * once we start to connect to multiple DCs, wbcDcInfo is
+        * already prepared for that.
+        */
+       store_current_dc_in_gencache(domain->name, domain->dcname,
+                                    new_conn->cli);
 
-               seal_pipes = lp_winbind_sealed_pipes();
-               seal_pipes = lp_parm_bool(-1, "winbind sealed pipes",
-                                         domain->name,
-                                         seal_pipes);
+       seal_pipes = lp_winbind_sealed_pipes();
+       seal_pipes = lp_parm_bool(-1, "winbind sealed pipes",
+                                 domain->name,
+                                 seal_pipes);
 
-               if (seal_pipes) {
-                       new_conn->auth_level = DCERPC_AUTH_LEVEL_PRIVACY;
-               } else {
-                       new_conn->auth_level = DCERPC_AUTH_LEVEL_INTEGRITY;
-               }
+       if (seal_pipes) {
+               new_conn->auth_level = DCERPC_AUTH_LEVEL_PRIVACY;
        } else {
-               /* Ensure we setup the retry handler. */
-               set_domain_offline(domain);
+               new_conn->auth_level = DCERPC_AUTH_LEVEL_INTEGRITY;
        }
 
+out:
        talloc_destroy(mem_ctx);
        return result;
 }