summaryrefslogtreecommitdiff
path: root/source3/utils
diff options
context:
space:
mode:
authorGerald Carter <jerry@samba.org>2006-12-14 16:27:45 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 12:16:29 -0500
commitd879aa8f3617b256a16889d04a39a25b27f5bb39 (patch)
treef589ce978809a185c1981d944b423d54936f3c27 /source3/utils
parent35a3773a6df72fc4031b90fb94010193966dbdc0 (diff)
downloadsamba-d879aa8f3617b256a16889d04a39a25b27f5bb39.tar.gz
samba-d879aa8f3617b256a16889d04a39a25b27f5bb39.tar.bz2
samba-d879aa8f3617b256a16889d04a39a25b27f5bb39.zip
r20170: Fix secure DNS updates to work against
Wnidows 2000 DNS which expects the TKEY payload to be in the answer section and not in the additional set of records (like Windows 2003 and the RFC). (This used to be commit a3b6734fdad5fd92dbec075ebcd8d7044aac45c2)
Diffstat (limited to 'source3/utils')
-rw-r--r--source3/utils/net_dns.c14
1 files changed, 12 insertions, 2 deletions
diff --git a/source3/utils/net_dns.c b/source3/utils/net_dns.c
index d372211a5f..81d7dd596a 100644
--- a/source3/utils/net_dns.c
+++ b/source3/utils/net_dns.c
@@ -118,8 +118,18 @@ DNS_ERROR DoDNSUpdate(ADS_STRUCT *ads, char *pszServerName,
}
err = dns_negotiate_sec_ctx( pszDomainName, pszServerName,
- keyname, &gss_context );
- if (!ERR_DNS_IS_OK(err)) goto error;
+ keyname, &gss_context, DNS_SRV_ANY );
+
+ /* retry using the Windows 2000 DNS hack */
+ if (!ERR_DNS_IS_OK(err)) {
+ err = dns_negotiate_sec_ctx( pszDomainName, pszServerName,
+ keyname, &gss_context,
+ DNS_SRV_WIN2000 );
+ }
+
+ if (!ERR_DNS_IS_OK(err))
+ goto error;
+
err = dns_sign_update(req, gss_context, keyname,
"gss.microsoft.com", time(NULL), 3600);