From 8d9da67185aac48d7d0bc1e7b90262ae9afc6a64 Mon Sep 17 00:00:00 2001
From: Kai Blin
Date: Tue, 27 Mar 2012 13:36:16 +0200
Subject: s4 dns: Only forward for zones we don't own
---
 source4/dns_server/dns_query.c | 5 +++--
 source4/dns_server/dns_server.h | 2 ++
 source4/dns_server/dns_utils.c | 28 ++++++++++++++++++++++++++++
 3 files changed, 33 insertions(+), 2 deletions(-)
diff --git a/source4/dns_server/dns_query.c b/source4/dns_server/dns_query.c
index e57512c488..9d287bd3a4 100644
--- a/source4/dns_server/dns_query.c
+++ b/source4/dns_server/dns_query.c
@@ -226,8 +226,9 @@ WERROR dns_server_process_query(struct dns_server *dns,
 return DNS_ERR(NOT_IMPLEMENTED);
 }
- werror = handle_question(dns, mem_ctx, &in->questions[0], &ans, &num_answers);
- if(W_ERROR_EQUAL(DNS_ERR(NAME_ERROR), werror)) {
+ if (dns_authorative_for_zone(dns, in->questions[0].name)) {
+ werror = handle_question(dns, mem_ctx, &in->questions[0], &ans, &num_answers);
+ } else {
 DEBUG(2, ("I don't feel responsible for '%s', forwarding\n", in->questions[0].name));
 werror = ask_forwarder(mem_ctx, &in->questions[0], &ans, &num_answers, &ns, &num_nsrecs, &adds, &num_additional);
diff --git a/source4/dns_server/dns_server.h b/source4/dns_server/dns_server.h
index 53d6306318..718df00dd8 100644
--- a/source4/dns_server/dns_server.h
+++ b/source4/dns_server/dns_server.h
@@ -59,6 +59,8 @@ bool dns_name_match(const char *zone, const char *name, size_t *host_part_len);
 bool dns_name_equal(const char *name1, const char *name2);
 bool dns_records_match(struct dnsp_DnssrvRpcRecord *rec1, struct dnsp_DnssrvRpcRecord *rec2);
+bool dns_authorative_for_zone(struct dns_server *dns,
+ const char *name);
 WERROR dns_lookup_records(struct dns_server *dns, TALLOC_CTX *mem_ctx, struct ldb_dn *dn,
diff --git a/source4/dns_server/dns_utils.c b/source4/dns_server/dns_utils.c
index 1f7648cd5b..b4f308c027 100644
--- a/source4/dns_server/dns_utils.c
+++ b/source4/dns_server/dns_utils.c
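Review bot: In dns_query.c, the new `else` branch of dns_server_process_query sends every question for a name outside the server's zones to `ask_forwarder`, and nothing visible in the hunk checks that the client asked for recursion or is allowed to use this server as a resolver. The function starts and ends outside the hunk, so such a check may already exist earlier; if it does not, any host that can reach the service can relay lookups through it, which is the usual open-resolver exposure. At minimum I would record the precondition on the branch, e.g. `/* only reached for names outside our zones; recursion must have been requested and be permitted for this client */`, and refuse the query rather than forward it when that does not hold.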
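Review bot: The prototype added to dns_server.h spells the new helper `dns_authorative_for_zone`, but the word is "authoritative". Since this is an exported name that dns_query.c and dns_utils.c also use, it is cheapest to correct in this commit: `bool dns_authoritative_for_zone(struct dns_server *dns, const char *name);`. The declaration also carries no statement of its contract; a comment such as `/* true if name is the empty root name or matches a zone in dns->zones; false for NULL or any other name */` would tell callers what the forwarding decision rests on.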
@@ -294,6 +294,34 @@ WERROR dns_replace_records(struct dns_server *dns,
 return WERR_OK;
 }
+bool dns_authorative_for_zone(struct dns_server *dns,
+ const char *name)
+{
+ const struct dns_server_zone *z;
+ size_t host_part_len = 0;
+
+ if (name == NULL) {
+ return false;
+ }
+
+ if (strcmp(name, "") == 0) {
+ return true;
+ }
+ for (z = dns->zones; z != NULL; z = z->next) {
+ bool match;
+
+ match = dns_name_match(z->name, name, &host_part_len);
+ if (match) {
+ break;
+ }
+ }
+ if (z == NULL) {
+ return false;
+ }
+
+ return true;
+}
+
 WERROR dns_name2dn(struct dns_server *dns, TALLOC_CTX *mem_ctx, const char *name,
-- cgit
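Review bot: The `strcmp(name, "") == 0` branch of dns_authorative_for_zone reports the root name as locally owned, so a question for the root goes to handle_question and is never forwarded, and the code does not say why. A comment on that branch, e.g. `/* the empty (root) name is always answered locally: <reason> */`, would record the intent. The result also depends entirely on dns_name_match, whose body is not in this patch; presumably it compares case-insensitively and only on label boundaries, which is worth confirming because a plain suffix match would claim foreign names that merely end in a zone name. As a style point, the loop can `return true;` on a match and the function can end with `return false;`, which removes the `break` and the `z == NULL` test.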