diff options
-rw-r--r-- | librpc/idl/dns.idl | 7 | ||||
-rw-r--r-- | source4/dns_server/dns_update.c | 40 |
2 files changed, 41 insertions, 6 deletions
diff --git a/librpc/idl/dns.idl b/librpc/idl/dns.idl index a60c31465f..e0121623e7 100644 --- a/librpc/idl/dns.idl +++ b/librpc/idl/dns.idl @@ -105,9 +105,10 @@ interface dns DNS_QTYPE_NSEC = 0x002F, DNS_QTYPE_DNSKEY = 0x0030, DNS_QTYPE_DHCID = 0x0031, - DNS_QTYPE_ALL = 0x00FF, - DNS_QTYPE_WINS = 0xFF01, - DNS_QTYPE_WINSR = 0xFF02 + DNS_QTYPE_AXFR = 0x00FC, + DNS_QTYPE_MAILB = 0x00FD, + DNS_QTYPE_MAILA = 0x00FE, + DNS_QTYPE_ALL = 0x00FF } dns_qtype; typedef [public] struct { diff --git a/source4/dns_server/dns_update.c b/source4/dns_server/dns_update.c index 5b87e9f669..397384421c 100644 --- a/source4/dns_server/dns_update.c +++ b/source4/dns_server/dns_update.c @@ -227,16 +227,48 @@ static WERROR update_prescan(const struct dns_name_question *zone, return DNS_ERR(NOTZONE); } if (zone->question_class == r->rr_class) { - /*TODO: also check for AXFR,MAILA,MAILB */ if (r->rr_type == DNS_QTYPE_ALL) { return DNS_ERR(FORMAT_ERROR); } + if (r->rr_type == DNS_QTYPE_AXFR) { + return DNS_ERR(FORMAT_ERROR); + } + if (r->rr_type == DNS_QTYPE_MAILB) { + return DNS_ERR(FORMAT_ERROR); + } + if (r->rr_type == DNS_QTYPE_MAILA) { + return DNS_ERR(FORMAT_ERROR); + } } else if (r->rr_class == DNS_QCLASS_ANY) { - if (r->ttl != 0 || r->length != 0) { + if (r->ttl != 0) { + return DNS_ERR(FORMAT_ERROR); + } + if (r->length != 0) { + return DNS_ERR(FORMAT_ERROR); + } + if (r->rr_type == DNS_QTYPE_AXFR) { + return DNS_ERR(FORMAT_ERROR); + } + if (r->rr_type == DNS_QTYPE_MAILB) { + return DNS_ERR(FORMAT_ERROR); + } + if (r->rr_type == DNS_QTYPE_MAILA) { return DNS_ERR(FORMAT_ERROR); } } else if (r->rr_class == DNS_QCLASS_NONE) { - if (r->ttl != 0 || r->rr_type == DNS_QTYPE_ALL) { + if (r->ttl != 0) { + return DNS_ERR(FORMAT_ERROR); + } + if (r->rr_type == DNS_QTYPE_ALL) { + return DNS_ERR(FORMAT_ERROR); + } + if (r->rr_type == DNS_QTYPE_AXFR) { + return DNS_ERR(FORMAT_ERROR); + } + if (r->rr_type == DNS_QTYPE_MAILB) { + return DNS_ERR(FORMAT_ERROR); + } + if (r->rr_type == DNS_QTYPE_MAILA) { return DNS_ERR(FORMAT_ERROR); } } else { @@ -373,6 +405,8 @@ WERROR dns_server_process_update(struct dns_server *dns, return DNS_ERR(REFUSED); } + *update_count = in->nscount; + *updates = in->nsrecs; werror = update_prescan(in->questions, *updates, *update_count); W_ERROR_NOT_OK_RETURN(werror); |