summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--librpc/idl/dns.idl7
-rw-r--r--source4/dns_server/dns_update.c40
2 files changed, 41 insertions, 6 deletions
diff --git a/librpc/idl/dns.idl b/librpc/idl/dns.idl
index a60c31465f..e0121623e7 100644
--- a/librpc/idl/dns.idl
+++ b/librpc/idl/dns.idl
@@ -105,9 +105,10 @@ interface dns
DNS_QTYPE_NSEC = 0x002F,
DNS_QTYPE_DNSKEY = 0x0030,
DNS_QTYPE_DHCID = 0x0031,
- DNS_QTYPE_ALL = 0x00FF,
- DNS_QTYPE_WINS = 0xFF01,
- DNS_QTYPE_WINSR = 0xFF02
+ DNS_QTYPE_AXFR = 0x00FC,
+ DNS_QTYPE_MAILB = 0x00FD,
+ DNS_QTYPE_MAILA = 0x00FE,
+ DNS_QTYPE_ALL = 0x00FF
} dns_qtype;
typedef [public] struct {
diff --git a/source4/dns_server/dns_update.c b/source4/dns_server/dns_update.c
index 5b87e9f669..397384421c 100644
--- a/source4/dns_server/dns_update.c
+++ b/source4/dns_server/dns_update.c
@@ -227,16 +227,48 @@ static WERROR update_prescan(const struct dns_name_question *zone,
return DNS_ERR(NOTZONE);
}
if (zone->question_class == r->rr_class) {
- /*TODO: also check for AXFR,MAILA,MAILB */
if (r->rr_type == DNS_QTYPE_ALL) {
return DNS_ERR(FORMAT_ERROR);
}
+ if (r->rr_type == DNS_QTYPE_AXFR) {
+ return DNS_ERR(FORMAT_ERROR);
+ }
+ if (r->rr_type == DNS_QTYPE_MAILB) {
+ return DNS_ERR(FORMAT_ERROR);
+ }
+ if (r->rr_type == DNS_QTYPE_MAILA) {
+ return DNS_ERR(FORMAT_ERROR);
+ }
} else if (r->rr_class == DNS_QCLASS_ANY) {
- if (r->ttl != 0 || r->length != 0) {
+ if (r->ttl != 0) {
+ return DNS_ERR(FORMAT_ERROR);
+ }
+ if (r->length != 0) {
+ return DNS_ERR(FORMAT_ERROR);
+ }
+ if (r->rr_type == DNS_QTYPE_AXFR) {
+ return DNS_ERR(FORMAT_ERROR);
+ }
+ if (r->rr_type == DNS_QTYPE_MAILB) {
+ return DNS_ERR(FORMAT_ERROR);
+ }
+ if (r->rr_type == DNS_QTYPE_MAILA) {
return DNS_ERR(FORMAT_ERROR);
}
} else if (r->rr_class == DNS_QCLASS_NONE) {
- if (r->ttl != 0 || r->rr_type == DNS_QTYPE_ALL) {
+ if (r->ttl != 0) {
+ return DNS_ERR(FORMAT_ERROR);
+ }
+ if (r->rr_type == DNS_QTYPE_ALL) {
+ return DNS_ERR(FORMAT_ERROR);
+ }
+ if (r->rr_type == DNS_QTYPE_AXFR) {
+ return DNS_ERR(FORMAT_ERROR);
+ }
+ if (r->rr_type == DNS_QTYPE_MAILB) {
+ return DNS_ERR(FORMAT_ERROR);
+ }
+ if (r->rr_type == DNS_QTYPE_MAILA) {
return DNS_ERR(FORMAT_ERROR);
}
} else {
@@ -373,6 +405,8 @@ WERROR dns_server_process_update(struct dns_server *dns,
return DNS_ERR(REFUSED);
}
+ *update_count = in->nscount;
+ *updates = in->nsrecs;
werror = update_prescan(in->questions, *updates, *update_count);
W_ERROR_NOT_OK_RETURN(werror);