From 7f4b7fed1e7619b5cc6af38c8d40dddf840e5737 Mon Sep 17 00:00:00 2001
From: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Date: Thu, 30 Apr 2015 12:36:18 +1200
Subject: [PATCH] KCC: simplify repsfrom pruning in KCC.translate_ntdsconn()

This section is actually quite simple -- we don't want a repsFrom if
there is no DRS connection -- but the existing comments and code had
managed to cause us hours of confusion and much gnashing teeth, the
evidence of which will hopefully have been squashed out of the git
history by the time you read this.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
---
 python/samba/kcc/__init__.py | 37 ++++++++++---------------------------
 1 file changed, 10 insertions(+), 27 deletions(-)

diff --git a/python/samba/kcc/__init__.py b/python/samba/kcc/__init__.py
index 7d0c5e07f9d..61e16c9bd81 100644
--- a/python/samba/kcc/__init__.py
+++ b/python/samba/kcc/__init__.py
@@ -1007,38 +1007,21 @@ class KCC(object):
                     t_repsFrom.to_be_deleted = True
                     continue
 
+                # Find the connection that this repsFrom would use. If
+                # there isn't a good one (i.e. non-RODC_TOPOLOGY,
+                # meaning non-FRS), we delete the repsFrom.
                 s_dnstr = s_dsa.dsa_dnstr
-
-                # Retrieve my DSAs connection object (if it exists)
-                # that specifies the fromServer equivalent to
-                # the DSA that is specified in the repsFrom source
                 connections = current_dsa.get_connection_by_from_dnstr(s_dnstr)
-
-                count = 0
-                cn_conn = None
-
-                for con in connections:
-                    if con.is_rodc_topology():
-                        continue
-                    cn_conn = con
-
-                # Let (cn) be the nTDSConnection object such that (cn)
-                # is a child of the local DC's nTDSDSA object and
-                # (cn!fromServer = s) and (cn!options) does not contain
-                # NTDSCONN_OPT_RODC_TOPOLOGY or NULL if no such (cn) exists.
-
-                # KCC removes this repsFrom tuple if any of the following
-                # is true:
-                #     cn = NULL.
-                #     [...]
-
-                #XXX varying possible interpretations of rodc_topology
-                if cn_conn is None:
+                for cn_conn in connections:
+                    if not cn_conn.is_rodc_topology():
+                        break
+                else:
+                    # no break means no non-rodc_topology connection exists
                     t_repsFrom.to_be_deleted = True
                     continue
 
-                #     [...] KCC removes this repsFrom tuple if:
-                #
+                # KCC removes this repsFrom tuple if any of the following
+                # is true:
                 #     No NC replica of the NC "is present" on DSA that
                 #     would be source of replica
                 #
-- 
2.11.4.GIT