diff options
author | Kai Blin <kai@samba.org> | 2012-09-05 08:27:28 +0200 |
---|---|---|
committer | Kai Blin <kai@samba.org> | 2012-09-05 19:02:17 +0200 |
commit | e81d026576cd1df9eb406c8ef0b0f27b7188b8ea (patch) | |
tree | 4126647c22c9e4a9aceb7e16dc1253545e15416f | |
parent | c0e6a4b1b07c7aff49f19c4d8cf3de1ff020afab (diff) | |
download | samba-e81d026576cd1df9eb406c8ef0b0f27b7188b8ea.tar.gz samba-e81d026576cd1df9eb406c8ef0b0f27b7188b8ea.tar.bz2 samba-e81d026576cd1df9eb406c8ef0b0f27b7188b8ea.zip |
s4 dns: TKEY record needs to remember incoming algorithm
Samba3 (and older windows versions) use gss.microsoft.com, win7 (and the RFC) use gss-tsig
-rw-r--r-- | source4/dns_server/dns_query.c | 10 | ||||
-rw-r--r-- | source4/dns_server/dns_server.h | 1 |
2 files changed, 10 insertions, 1 deletions
diff --git a/source4/dns_server/dns_query.c b/source4/dns_server/dns_query.c index 00feec0a83..3c919ee0a9 100644 --- a/source4/dns_server/dns_query.c +++ b/source4/dns_server/dns_query.c @@ -322,6 +322,7 @@ static WERROR handle_question(struct dns_server *dns, static NTSTATUS create_tkey(struct dns_server *dns, const char* name, + const char* algorithm, struct dns_server_tkey **tkey) { NTSTATUS status; @@ -338,6 +339,11 @@ static NTSTATUS create_tkey(struct dns_server *dns, return NT_STATUS_NO_MEMORY; } + k->algorithm = talloc_strdup(k, algorithm); + if (k->algorithm == NULL) { + return NT_STATUS_NO_MEMORY; + } + status = samba_server_gensec_start(k, dns->task->event_ctx, dns->task->msg_ctx, @@ -442,7 +448,8 @@ static WERROR handle_tkey(struct dns_server *dns, ret_tkey->rr_class = DNS_QCLASS_ANY; ret_tkey->length = UINT16_MAX; - ret_tkey->rdata.tkey_record.algorithm = talloc_strdup(ret_tkey, ret_tkey->name); + ret_tkey->rdata.tkey_record.algorithm = talloc_strdup(ret_tkey, + in_tkey->rdata.tkey_record.algorithm); if (ret_tkey->rdata.tkey_record.algorithm == NULL) { return WERR_NOMEM; } @@ -473,6 +480,7 @@ static WERROR handle_tkey(struct dns_server *dns, if (tkey == NULL) { status = create_tkey(dns, in->questions[0].name, + in_tkey->rdata.tkey_record.algorithm, &tkey); if (!NT_STATUS_IS_OK(status)) { ret_tkey->rdata.tkey_record.error = DNS_RCODE_BADKEY; diff --git a/source4/dns_server/dns_server.h b/source4/dns_server/dns_server.h index 74a1ded6f2..994e7bfbbc 100644 --- a/source4/dns_server/dns_server.h +++ b/source4/dns_server/dns_server.h @@ -36,6 +36,7 @@ struct dns_server_zone { struct dns_server_tkey { const char *name; enum dns_tkey_mode mode; + const char *algorithm; struct auth_session_info *session_info; struct gensec_security *gensec; bool complete; |