Diffstat (limited to 'source4/dns_server/dns_server.c')
-rw-r--r--source4/dns_server/dns_server.c14
1 files changed, 14 insertions, 0 deletions
diff --git a/source4/dns_server/dns_server.c b/source4/dns_server/dns_server.c
index 887fc8ee1d..cd121f9d8b 100644
--- a/source4/dns_server/dns_server.c
+++ b/source4/dns_server/dns_server.c
@@ -98,6 +98,7 @@ static void dns_tcp_send(struct stream_connection *conn, uint16_t flags)
struct dns_process_state {
DATA_BLOB *in;
+ struct dns_server *dns;
struct dns_name_packet in_packet;
struct dns_request_state state;
uint16_t dns_err;
@@ -123,6 +124,8 @@ static struct tevent_req *dns_process_send(TALLOC_CTX *mem_ctx,
}
state->in = in;
+ state->dns = dns;
+
if (in->length < 12) {
tevent_req_werror(req, WERR_INVALID_PARAM);
return tevent_req_post(req, ev);
@@ -142,6 +145,8 @@ static struct tevent_req *dns_process_send(TALLOC_CTX *mem_ctx,
NDR_PRINT_DEBUG(dns_name_packet, &state->in_packet);
}
+ ret = dns_verify_tsig(dns, &state->state, &state->in_packet);
+
state->state.flags = state->in_packet.operation;
state->state.flags |= DNS_FLAG_REPLY;
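Review bot: The result of `dns_verify_tsig()` is stored in `ret`, but the lines that follow in this hunk go straight on to set the reply flags without testing it. Unless `ret` is checked further down in `dns_process_send` before it is reassigned (the function continues outside the hunk), a request whose TSIG fails verification would be processed like one that passed. A check directly after the call, following the early-exit pattern of the short-packet check earlier in the function, would make the failure explicit: `if (!W_ERROR_IS_OK(ret)) { tevent_req_werror(req, ret); return tevent_req_post(req, ev); }`. Whether to fail the request this way or to answer with a DNS error rcode is a policy choice the visible lines do not settle.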
@@ -215,6 +220,15 @@ static WERROR dns_process_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
}
state->out_packet.operation |= state->state.flags;
+ if (state->state.sign) {
+ ret = dns_sign_tsig(state->dns, mem_ctx, &state->state,
+ &state->out_packet, 0);
+ if (!W_ERROR_IS_OK(ret)) {
+ state->dns_err = DNS_RCODE_SERVFAIL;
+ goto drop;
+ }
+ }
+
ndr_err = ndr_push_struct_blob(
out, mem_ctx, &state->out_packet,
(ndr_push_flags_fn_t)ndr_push_dns_name_packet);
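Review bot: The trailing `0` passed to `dns_sign_tsig()` is a bare literal whose meaning is not evident at the call site. It is presumably the TSIG error code for a normal reply, so a short comment such as `/* no TSIG error to report */` or a named constant would help the next reader. The signing-failure branch sets `state->dns_err = DNS_RCODE_SERVFAIL` and jumps to `drop`, which lies outside the hunk. It is worth confirming that this path logs the failure, since a client expecting a TSIG-protected answer would otherwise see only an unsigned SERVFAIL with no server-side trace.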