-rw-r--r--source4/dns_server/dns_query.c14
-rw-r--r--source4/dns_server/dns_server.h5
2 files changed, 17 insertions, 2 deletions
diff --git a/source4/dns_server/dns_query.c b/source4/dns_server/dns_query.c
index 3c919ee0a9..98ebc63d97 100644
--- a/source4/dns_server/dns_query.c
+++ b/source4/dns_server/dns_query.c
@@ -413,6 +413,7 @@ static NTSTATUS accept_gss_ticket(TALLOC_CTX *mem_ctx,
static WERROR handle_tkey(struct dns_server *dns,
TALLOC_CTX *mem_ctx,
const struct dns_name_packet *in,
+ struct dns_request_state *state,
struct dns_res_rec **answers,
uint16_t *ancount)
{
@@ -498,6 +499,15 @@ static WERROR handle_tkey(struct dns_server *dns,
ret_tkey->rdata.tkey_record.error = DNS_RCODE_BADKEY;
} else if (NT_STATUS_IS_OK(status)) {
DEBUG(1, ("Tkey handshake completed\n"));
+ ret_tkey->rdata.tkey_record.key_size = reply.length;
+ ret_tkey->rdata.tkey_record.key_data = talloc_memdup(ret_tkey,
+ reply.data,
+ reply.length);
+ state->sign = true;
+ state->key_name = talloc_strdup(mem_ctx, tkey->name);
+ if (state->key_name == NULL) {
+ return WERR_NOMEM;
+ }
} else {
DEBUG(0, ("GSS key negotiation returned %s\n", nt_errstr(status)));
ret_tkey->rdata.tkey_record.error = DNS_RCODE_BADKEY;
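Review bot: The result of `talloc_memdup()` for `key_data` is never checked, although the `talloc_strdup()` a few lines later is; on allocation failure the TKEY record would carry a non-zero `key_size` with a NULL `key_data`. Add `if (ret_tkey->rdata.tkey_record.key_data == NULL) { return WERR_NOMEM; }` right after the copy, and set `state->sign = true` only once both allocations have succeeded. `key_name` is allocated on `mem_ctx`, which at the call site in `dns_server_process_query_send` is the query's own `state` rather than `req_state`, so it is worth confirming that this context lives at least as long as `req_state->key_name` is read for signing. `handle_tkey` begins and ends outside this hunk.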
@@ -566,8 +576,8 @@ struct tevent_req *dns_server_process_query_send(
if (in->questions[0].question_type == DNS_QTYPE_TKEY) {
WERROR err;
- err = handle_tkey(dns, state, in, &state->answers,
- &state->ancount);
+ err = handle_tkey(dns, state, in, req_state,
+ &state->answers, &state->ancount);
if (tevent_req_werror(req, err)) {
return tevent_req_post(req, ev);
}
diff --git a/source4/dns_server/dns_server.h b/source4/dns_server/dns_server.h
index 994e7bfbbc..8007bcbc08 100644
--- a/source4/dns_server/dns_server.h
+++ b/source4/dns_server/dns_server.h
@@ -60,6 +60,11 @@ struct dns_server {
struct dns_request_state {
uint16_t flags;
+ bool authenticated;
+ bool sign;
+ char *key_name;
+ struct dns_res_rec *tsig;
+ uint16_t tsig_error;
};
struct tevent_req *dns_server_process_query_send(
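Review bot: The five new members of `struct dns_request_state` carry authentication and signing state but have no comments saying who sets them or who owns the pointers. From the `dns_query.c` hunks, `sign` and `key_name` are written by `handle_tkey()`; `authenticated`, `tsig` and `tsig_error` are not written in any visible hunk. I would add a comment such as `/* name of the negotiated TKEY, talloc'ed by handle_tkey() */` on `key_name`, and a line on `authenticated` stating that it must start out false and which code path sets it. The struct's allocation is not visible here, so whether it is zero-initialised should be confirmed.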