diff options
-rw-r--r-- | source4/dns_server/dns_update.c | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/source4/dns_server/dns_update.c b/source4/dns_server/dns_update.c index 72944730a6..81e3fce599 100644 --- a/source4/dns_server/dns_update.c +++ b/source4/dns_server/dns_update.c @@ -101,7 +101,8 @@ WERROR dns_server_process_update(struct dns_server *dns, struct dns_name_question *zone; const struct dns_server_zone *z; size_t host_part_len = 0; - WERROR werror = WERR_DNS_ERROR_RCODE_NOT_IMPLEMENTED; + WERROR werror = DNS_ERR(NOT_IMPLEMENTED); + bool update_allowed = false; if (in->qdcount != 1) { return DNS_ERR(FORMAT_ERROR); @@ -136,5 +137,12 @@ WERROR dns_server_process_update(struct dns_server *dns, werror = check_prerequsites(dns, mem_ctx, in, prereqs, prereq_count); W_ERROR_NOT_OK_RETURN(werror); + /* TODO: Check if update is allowed, we probably want "always", + * key-based GSSAPI, key-based bind-style TSIG and "never" as + * smb.conf options. */ + if (!update_allowed) { + return DNS_ERR(REFUSED); + } + return werror; } |