cldap: clear remote address after cldap_dse_fill

Need to clear the remote address as the ldb handle is shared, and
changes made by internal processes would be logged as coming from the
last cldap requester

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

diff --git a/source4/cldap_server/rootdse.c b/source4/cldap_server/rootdse.c
index 3f389ce822576b06c315cd3fa01571af0b342468..a5e1c6b5c4e55334553d6b0bced2bf063d559138 100644 (file)
--- a/source4/cldap_server/rootdse.c
+++ b/source4/cldap_server/rootdse.c
@@ -166,6 +166,13 @@ void cldapd_rootdse_request(struct cldap_socket *cldap,
        cldapd_rootdse_fill(cldapd, tmp_ctx, search, &reply.response,
                            reply.result);
 
+       /*
+        * We clear this after cldapd_rootdse_fill as this is shared ldb
+        * and if it was not cleared the audit logging would report changes
+        * made by internal processes as coming from the last cldap requester
+        */
+       ldb_set_opaque(cldapd->samctx, "remoteAddress", NULL);
+
        status = cldap_reply_send(cldap, &reply);
        if (!NT_STATUS_IS_OK(status)) {
                DEBUG(2,("cldap rootdse query failed '%s' - %s\n",