summaryrefslogtreecommitdiff
path: root/source4/dns_server
AgeCommit message (Collapse)AuthorFilesLines
2013-06-01dns: Delete dnsNode objects when they are emptyKai Blin1-1/+7
If an update leaves the dnsNode without any entries, the dnsNode object should be deleted. Thanks to Günter Kukkukk for his excellent debugging work on this one. This should fix bug #9559 Signed-off-by: Kai Blin <kai@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-05-26dns: Support larger queries when asking forwarderKai Blin4-0/+40
This should fix bug #9632 Signed-off-by: Kai Blin <kai@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2013-05-18dns: Also print packet information for DBGC_DNSKai Blin1-5/+5
Signed-off-by: Kai Blin <kai@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Sat May 18 12:48:15 CEST 2013 on sn-devel-104
2013-05-16dns: Add support for MX queriesKai Blin1-0/+8
Due to an oversight, the internal DNS server supports MX record updates, but not MX record queries. Add support for MX queries and tests. This should fix bug #9485 Signed-off-by: Kai Blin <kai@samba.org> Reviewed-By: Amitay Isaacs <amitay@gmail.com>
2013-05-16dns: Also add a print-out for the out_packetKai Blin1-0/+4
Signed-off-by: Kai Blin <kai@samba.org> Reviewed-By: Amitay Isaacs <amitay@gmail.com>
2013-05-16dns: Use new DNS debugclass in DNS serverKai Blin5-0/+15
Signed-off-by: Kai Blin <kai@samba.org> Reviewed-By: Amitay Isaacs <amitay@gmail.com>
2013-03-09s4-dns: dlz_bind9: Check result to avoid segfaultStefan Gohmann1-1/+1
We saw this issue in a customer environment with many CNF objects. I wasn't able to reproduce it, but I got the following core dump: (gdb) directory samba4-4.0.0~rc6/source4/dns_server/ Source directories searched: /root/samba4-4.0.0~rc6/source4/dns_server:$cdir:$cwd (gdb) bt #0 0xb4b0bc13 in dlz_lookup_types (state=0x9648e48, zone=0xb659b9a8 "xxxxxx.xxxxx.de", name=0xb659bda8 "client9173", lookup=0xb6db7588, types=0x0) at ../source4/dns_server/dlz_bind9.c:830 #1 0xb4b0bdb8 in dlz_lookup (zone=0xb659b9a8 "xxxxxx.xxxxx.de", name=0xb659bda8 "client9173", dbdata=0x9648e48, lookup=0xb6db7588) at ../source4/dns_server/dlz_bind9.c:875 #2 0x080b43d8 in dlopen_dlz_lookup () #3 0xb7701755 in findnode () from /usr/lib/libdns.so.81 #4 0xb7701d22 in find () from /usr/lib/libdns.so.81 #5 0xb7639e5f in dns_db_find () from /usr/lib/libdns.so.81 #6 0x08075476 in query_find () #7 0x0807acb9 in ns_query_start () #8 0x08060712 in client_request () #9 0xb743022b in run () from /usr/lib/libisc.so.81 #10 0xb7216955 in start_thread () from /lib/i686/cmov/libpthread.so.0 #11 0xb706c1de in clone () from /lib/i686/cmov/libc.so.6 (gdb) f 0 #0 0xb4b0bc13 in dlz_lookup_types (state=0x9648e48, zone=0xb659b9a8 "xxxxxx.xxxxx.de", name=0xb659bda8 "client9173", lookup=0xb6db7588, types=0x0) at ../source4/dns_server/dlz_bind9.c:830 830 el = ldb_msg_find_element(res->msgs[0], "dnsRecord"); (gdb) p res->msgs $1 = (struct ldb_message **) 0x0 (gdb) p res->count $2 = 0 (gdb) Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2012-11-04s4-dns: Fix format string vulnerability in an error message (bug #9354)Amitay Isaacs1-4/+5
Also, fixes few comments. Thanks to Bruno Rohée <bruno@rohee.org> for reporting and patch fix. Signed-off-by: Amitay Isaacs <amitay@gmail.com> Reviewed-By: Kai Blin <kai@samba.org> Autobuild-User(master): Amitay Isaacs <amitay@samba.org> Autobuild-Date(master): Sun Nov 4 16:58:13 CET 2012 on sn-devel-104
2012-10-24s4:dns_server: fix formatting difference compared to v4-0-testStefan Metzmacher1-1/+2
Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Wed Oct 24 10:12:51 CEST 2012 on sn-devel-104
2012-10-17dns_server: Try and use the dns-SERVER account if we were configured with itAndrew Bartlett1-14/+47
2012-10-13s4-dns: Fix the comments about ignoring zones in internal serverMatthieu Patou1-1/+7
Acked-By: Kai Blin <kai@samba.org> Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Sat Oct 13 12:37:53 CEST 2012 on sn-devel-104
2012-10-09s4-dns: dlz_bind9: Ignore zones that are not used by BIND9 DLZ pluginAmitay Isaacs1-0/+5
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
2012-10-08s4-dns: fix a warningMatthieu Patou1-2/+1
Autobuild-User(master): Matthieu Patou <mat@samba.org> Autobuild-Date(master): Mon Oct 8 10:45:41 CEST 2012 on sn-devel-104
2012-10-07s4-dns: Ignore zones that shouldn't be returned currentlyMatthieu Patou1-1/+7
RootDNSServers should never be returned (Windows DNS server don't) ..TrustAnchors should never be returned as is, (Windows returns TrustAnchors) and for the moment we don't support DNSSEC so we'd better not return this zone.
2012-10-02s4-dns: fix a non handled memory out of memoryMatthieu Patou1-0/+1
Signed-off-by: Kai Blin <kai@samba.org> Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Tue Oct 2 09:43:52 CEST 2012 on sn-devel-104
2012-09-30s4 dns: Fix return code for deleted recordsKai Blin1-1/+1
This fixes bug #9225. We already had a test for this scenario, but the test wasn't correct. This patch fixes the test, and also fixes the bug. Signed-off-by: Kai Blin <kai@samba.org> Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Sun Sep 30 13:09:14 CEST 2012 on sn-devel-104
2012-09-30s4 dns: Get rid of deprecated allocation result checkKai Blin1-1/+3
2012-09-23s4:dns_server - introduce the wildcard binding featureMatthias Dieter Wallnöfer1-10/+28
We need the wildcard binding feature otherwise we might get bound to a private interface in case of multiple interfaces and no "interfaces" parameter in smb.conf. Code taken from source4/ldap_server/ldap_server.c Signed-off-by: Kai Blin <kai@samba.org> Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Sun Sep 23 23:44:03 CEST 2012 on sn-devel-104
2012-09-12dns_server: Remove parameter 'dns recursive queries' and base this on 'dns ↵Andrew Bartlett1-2/+3
forwarder' This simplifies a very common configuration. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-09-12s4:dns_server: remove wrong and unused dsdb_check_access_on_dn() checkStefan Metzmacher1-16/+0
metze
2012-09-12dns_server: Attempt to SET and UNSET the sessionInfo to match the incoming userAndrew Bartlett1-2/+24
This avoids re-opening the DB as the correct user, but applies all the right ACLs and resulting owner. This needs a bit more testing... Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Kai Blin <kai@samba.org>
2012-09-12s4 dns: Improve logging of delegated dns updatesKai Blin1-1/+1
2012-09-07s4 dns: Make debug output less noisyKai Blin4-16/+16
Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Fri Sep 7 00:31:56 CEST 2012 on sn-devel-104
2012-09-06s4 dns: Check if signing user is allowed to update recordsKai Blin1-16/+56
This should fix bug #9142
2012-09-06selftest: Add tests for the dlz_bind9 moduleAndrew Bartlett1-0/+7
This will help ensure that we do not break the fundemental loading etc. From here, it should be easy to extend this to more comprehensive tests. Andrew Bartlett
2012-09-05s4 dns: Allow configuring signed updatesKai Blin1-1/+6
Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Wed Sep 5 20:42:46 CEST 2012 on sn-devel-104
2012-09-05s4 dns: Make sure to remember incoming tkey nameKai Blin1-0/+4
2012-09-05s4 dns: Verify incoming TSIG signaturesKai Blin4-0/+189
2012-09-05s4 dns: Handle GSS-TSIG signature creationKai Blin3-0/+144
2012-09-05s4 dns: When we got a TKEY, we need to remember which key to use for signingKai Blin2-2/+17
2012-09-05s4 dns: TKEY record needs to remember incoming algorithmKai Blin2-1/+10
Samba3 (and older windows versions) use gss.microsoft.com, win7 (and the RFC) use gss-tsig
2012-09-05s4 dns: Move dns_find_tkey to an extra fileKai Blin4-56/+88
2012-09-05s4-dns: Fix linking the dns service.Andreas Schneider1-1/+1
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Wed Sep 5 18:40:00 CEST 2012 on sn-devel-104
2012-09-05s4 dns: Revert erroneous push from wrong branchKai Blin7-461/+60
I've pushed the wrong branch for this, sorry about that. Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Wed Sep 5 14:10:54 CEST 2012 on sn-devel-104
2012-09-05s4 dns: Allow configuring signed updatesKai Blin1-1/+6
Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Wed Sep 5 10:45:22 CEST 2012 on sn-devel-104
2012-09-05s4 dns: Make sure to remember incoming tkey nameKai Blin1-0/+4
2012-09-05more tsig_verify stuffKai Blin3-12/+23
2012-09-05drop meKai Blin1-0/+3
2012-09-05hack: dns_sign_tsig correct memcpyKai Blin1-1/+1
2012-09-05HACK remove debug statementKai Blin1-1/+0
2012-09-05s4 dns: Verify incoming TSIG signaturesKai Blin4-9/+95
2012-09-05s4 dns: Handle GSS-TSIG signaturesKai Blin5-59/+352
2012-08-31s4 dns: Store TKEYs in a ringbufferKai Blin3-57/+106
This stops us from potentially being DoSed by tons of TKEYs Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Fri Aug 31 22:46:01 CEST 2012 on sn-devel-104
2012-08-31s4 dns: Negotiate GSSAPI-based TKEYsKai Blin4-1/+254
Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Fri Aug 31 10:38:35 CEST 2012 on sn-devel-104
2012-08-06lib/param: move enum dns_update_settings to lib/paramChristian Ambach2-26/+1
2012-06-15lib/param: Create a seperate server role for "active directory domain ↵Andrew Bartlett1-1/+1
controller" This will allow us to detect from the smb.conf if this is a Samba4 AD DC which will allow smarter handling of (for example) accidentially starting smbd rather than samba. To cope with upgrades from existing Samba4 installs, 'domain controller' is a synonym of 'active directory domain controller' and new parameters 'classic primary domain controller' and 'classic backup domain controller' are added. Andrew Bartlett
2012-06-06s4:dns-server: remove an extra blank line from handle_question()Michael Adam1-1/+0
2012-06-06s4 dns: Correctly handle A questions for CNAMEsKai Blin1-5/+56
When an A/AAAA lookup is made for a name that actually is a CNAME record, we need to return the CNAME record, and then do the A/AAAA lookup for the name the CNAME points at. This still fails for CNAMEs pointing at records for domains we need to ask our forwarders for. Autobuild-User: Kai Blin <kai@samba.org> Autobuild-Date: Wed Jun 6 15:23:55 CEST 2012 on sn-devel-104
2012-05-30s4-dns: Use W_ERROR_HAVE_NO_MEMORY in create_response_rrKai Blin1-24/+8
2012-05-30s4-dns: Use proper talloc hierarchy for NS records in create_response_rrKai Blin1-1/+2