Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2012-09-12 | dns_server: Remove parameter 'dns recursive queries' and base this on 'dns ↵ | Andrew Bartlett | 1 | -2/+3 | |
forwarder' This simplifies a very common configuration. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org> | |||||
2012-09-12 | s4:dns_server: remove wrong and unused dsdb_check_access_on_dn() check | Stefan Metzmacher | 1 | -16/+0 | |
metze | |||||
2012-09-12 | dns_server: Attempt to SET and UNSET the sessionInfo to match the incoming user | Andrew Bartlett | 1 | -2/+24 | |
This avoids re-opening the DB as the correct user, but applies all the right ACLs and resulting owner. This needs a bit more testing... Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Kai Blin <kai@samba.org> | |||||
2012-09-12 | s4 dns: Improve logging of delegated dns updates | Kai Blin | 1 | -1/+1 | |
2012-09-07 | s4 dns: Make debug output less noisy | Kai Blin | 4 | -16/+16 | |
Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Fri Sep 7 00:31:56 CEST 2012 on sn-devel-104 | |||||
2012-09-06 | s4 dns: Check if signing user is allowed to update records | Kai Blin | 1 | -16/+56 | |
This should fix bug #9142 | |||||
2012-09-06 | selftest: Add tests for the dlz_bind9 module | Andrew Bartlett | 1 | -0/+7 | |
This will help ensure that we do not break the fundemental loading etc. From here, it should be easy to extend this to more comprehensive tests. Andrew Bartlett | |||||
2012-09-05 | s4 dns: Allow configuring signed updates | Kai Blin | 1 | -1/+6 | |
Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Wed Sep 5 20:42:46 CEST 2012 on sn-devel-104 | |||||
2012-09-05 | s4 dns: Make sure to remember incoming tkey name | Kai Blin | 1 | -0/+4 | |
2012-09-05 | s4 dns: Verify incoming TSIG signatures | Kai Blin | 4 | -0/+189 | |
2012-09-05 | s4 dns: Handle GSS-TSIG signature creation | Kai Blin | 3 | -0/+144 | |
2012-09-05 | s4 dns: When we got a TKEY, we need to remember which key to use for signing | Kai Blin | 2 | -2/+17 | |
2012-09-05 | s4 dns: TKEY record needs to remember incoming algorithm | Kai Blin | 2 | -1/+10 | |
Samba3 (and older windows versions) use gss.microsoft.com, win7 (and the RFC) use gss-tsig | |||||
2012-09-05 | s4 dns: Move dns_find_tkey to an extra file | Kai Blin | 4 | -56/+88 | |
2012-09-05 | s4-dns: Fix linking the dns service. | Andreas Schneider | 1 | -1/+1 | |
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Wed Sep 5 18:40:00 CEST 2012 on sn-devel-104 | |||||
2012-09-05 | s4 dns: Revert erroneous push from wrong branch | Kai Blin | 7 | -461/+60 | |
I've pushed the wrong branch for this, sorry about that. Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Wed Sep 5 14:10:54 CEST 2012 on sn-devel-104 | |||||
2012-09-05 | s4 dns: Allow configuring signed updates | Kai Blin | 1 | -1/+6 | |
Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Wed Sep 5 10:45:22 CEST 2012 on sn-devel-104 | |||||
2012-09-05 | s4 dns: Make sure to remember incoming tkey name | Kai Blin | 1 | -0/+4 | |
2012-09-05 | more tsig_verify stuff | Kai Blin | 3 | -12/+23 | |
2012-09-05 | drop me | Kai Blin | 1 | -0/+3 | |
2012-09-05 | hack: dns_sign_tsig correct memcpy | Kai Blin | 1 | -1/+1 | |
2012-09-05 | HACK remove debug statement | Kai Blin | 1 | -1/+0 | |
2012-09-05 | s4 dns: Verify incoming TSIG signatures | Kai Blin | 4 | -9/+95 | |
2012-09-05 | s4 dns: Handle GSS-TSIG signatures | Kai Blin | 5 | -59/+352 | |
2012-08-31 | s4 dns: Store TKEYs in a ringbuffer | Kai Blin | 3 | -57/+106 | |
This stops us from potentially being DoSed by tons of TKEYs Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Fri Aug 31 22:46:01 CEST 2012 on sn-devel-104 | |||||
2012-08-31 | s4 dns: Negotiate GSSAPI-based TKEYs | Kai Blin | 4 | -1/+254 | |
Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Fri Aug 31 10:38:35 CEST 2012 on sn-devel-104 | |||||
2012-08-06 | lib/param: move enum dns_update_settings to lib/param | Christian Ambach | 2 | -26/+1 | |
2012-06-15 | lib/param: Create a seperate server role for "active directory domain ↵ | Andrew Bartlett | 1 | -1/+1 | |
controller" This will allow us to detect from the smb.conf if this is a Samba4 AD DC which will allow smarter handling of (for example) accidentially starting smbd rather than samba. To cope with upgrades from existing Samba4 installs, 'domain controller' is a synonym of 'active directory domain controller' and new parameters 'classic primary domain controller' and 'classic backup domain controller' are added. Andrew Bartlett | |||||
2012-06-06 | s4:dns-server: remove an extra blank line from handle_question() | Michael Adam | 1 | -1/+0 | |
2012-06-06 | s4 dns: Correctly handle A questions for CNAMEs | Kai Blin | 1 | -5/+56 | |
When an A/AAAA lookup is made for a name that actually is a CNAME record, we need to return the CNAME record, and then do the A/AAAA lookup for the name the CNAME points at. This still fails for CNAMEs pointing at records for domains we need to ask our forwarders for. Autobuild-User: Kai Blin <kai@samba.org> Autobuild-Date: Wed Jun 6 15:23:55 CEST 2012 on sn-devel-104 | |||||
2012-05-30 | s4-dns: Use W_ERROR_HAVE_NO_MEMORY in create_response_rr | Kai Blin | 1 | -24/+8 | |
2012-05-30 | s4-dns: Use proper talloc hierarchy for NS records in create_response_rr | Kai Blin | 1 | -1/+2 | |
2012-05-30 | s4-dns: Use proper talloc hierarchy for AAAA records in create_response_rr | Kai Blin | 1 | -1/+2 | |
2012-05-30 | s4-dns: Remove sync dns_process | Volker Lendecke | 1 | -24/+0 | |
Signed-off-by: Kai Blin <kai@samba.org> | |||||
2012-05-30 | s4-dns: Make the TCP dns server async | Volker Lendecke | 1 | -21/+39 | |
Signed-off-by: Kai Blin <kai@samba.org> | |||||
2012-05-30 | s4-dns: Make the UDP dns server async | Volker Lendecke | 1 | -18/+38 | |
Signed-off-by: Kai Blin <kai@samba.org> | |||||
2012-05-30 | s4-dns: Remove sync dns_server_process_query | Volker Lendecke | 2 | -39/+0 | |
Signed-off-by: Kai Blin <kai@samba.org> | |||||
2012-05-30 | s4-dns: Make dns_process_send asyn | Volker Lendecke | 3 | -80/+148 | |
Signed-off-by: Kai Blin <kai@samba.org> | |||||
2012-05-30 | s4-dns: Remove unused sync ask_forwarder wrapper | Volker Lendecke | 1 | -30/+0 | |
Signed-off-by: Kai Blin <kai@samba.org> | |||||
2012-05-30 | s4-dns: Make dns_server_process_query async | Volker Lendecke | 1 | -37/+120 | |
Signed-off-by: Kai Blin <kai@samba.org> | |||||
2012-05-30 | s4-dns: Make ask_forwarder async | Volker Lendecke | 1 | -43/+111 | |
Signed-off-by: Kai Blin <kai@samba.org> | |||||
2012-05-30 | s4-dns: Create a proper talloc hierarchy in create_response_rr | Volker Lendecke | 1 | -3/+15 | |
Pair-Programmed-With: Michael Adam <obnox@samba.org> Signed-off-by: Kai Blin <kai@samba.org> | |||||
2012-05-30 | s4-dns: Add debug output for unmappable WERROR to DNS errcode | Volker Lendecke | 1 | -1/+1 | |
Signed-off-by: Kai Blin <kai@samba.org> | |||||
2012-05-30 | s4-dns: Fix some typos | Volker Lendecke | 2 | -2/+2 | |
Signed-off-by: Kai Blin <kai@samba.org> | |||||
2012-05-30 | s4-dns: Remove some break; statements | Volker Lendecke | 1 | -8/+0 | |
We fall through implicitly, and that pattern is used elsewhere in Samba as well. Signed-off-by: Kai Blin <kai@samba.org> | |||||
2012-05-30 | s4-dns: Fix an unlikely potential memleak | Volker Lendecke | 1 | -2/+4 | |
If state was alloc'ed to NULL, in_packet to != NULL and out_packet to NULL, we leak in_packet. Signed-off-by: Kai Blin <kai@samba.org> | |||||
2012-05-30 | s4-dns: Use talloc_asprintf_append_buffer in create_response_rr | Volker Lendecke | 1 | -2/+2 | |
Signed-off-by: Kai Blin <kai@samba.org> | |||||
2012-05-30 | s4-dns: Add some NULL checks to create_response_rr | Volker Lendecke | 1 | -0/+15 | |
Signed-off-by: Kai Blin <kai@samba.org> | |||||
2012-05-24 | dlz_bind9: Make the talloc destructor static and return 0. | Amitay Isaacs | 1 | -1/+2 | |
Autobuild-User: Amitay Isaacs <amitay@samba.org> Autobuild-Date: Thu May 24 03:32:50 CEST 2012 on sn-devel-104 | |||||
2012-05-24 | dlz_bind9: Fix the named crash on reloading named | Amitay Isaacs | 1 | -1/+17 | |
When reloading zones, named first creates new zone instance and then shuts down the old instance. Since ldb layer, keeps the same LDB open, talloc_free() on samdb handle, causes talloc "access after use" error. This patch keeps only single context (dlz_bind9_data) and uses reference counting to decide when to actually free the context. Since samdb handle is reused, use talloc_unlink() instead of talloc_free() on samdb handle. |