summaryrefslogtreecommitdiffstats
path: root/source4/dns_server
Commit message (Collapse)AuthorAgeFilesLines
* s4-dns: Ignore duplicate dns zones from multiple locations in dlz_bind9Amitay Isaacs2013-11-301-0/+55
| | | | | | | | | | | | | | | | | | | | BIND DLZ module currently loads DNS zones from DNS partitions and domain partitions using following prefixes: CN=MicrosoftDNS,DC=DomainDnsZones CN=MicrosoftDNS,DC=ForestDNSZones CN=MicrosoftDNS,CN=System Windows supports DNS zones duplicated in DNS partitions and domain partition and updates both of them simultaneously. BIND DLZ module can handle DNS zones stored either in DNS partitions or domain partition, but not both. This patch ignores duplicate zones from domain partition and allows BIND9 to work with AD with duplicate DNS zones. Signed-off-by: Amitay Isaacs <amitay@gmail.com> Reviewed-by: Kai Blin <kai@samba.org>
* dns: Update TODO listKai Blin2013-07-291-8/+5
| | | | | | | | | | | A lot of the todo items have been resolved, avoid confusing people. Signed-off-by: Kai Blin <kai@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Mon Jul 29 09:12:17 CEST 2013 on sn-devel-104
* dns: Delete dnsNode objects when they are emptyKai Blin2013-06-011-1/+7
| | | | | | | | | | | | If an update leaves the dnsNode without any entries, the dnsNode object should be deleted. Thanks to Günter Kukkukk for his excellent debugging work on this one. This should fix bug #9559 Signed-off-by: Kai Blin <kai@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* dns: Support larger queries when asking forwarderKai Blin2013-05-264-0/+40
| | | | | | | This should fix bug #9632 Signed-off-by: Kai Blin <kai@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* dns: Also print packet information for DBGC_DNSKai Blin2013-05-181-5/+5
| | | | | | | | Signed-off-by: Kai Blin <kai@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Sat May 18 12:48:15 CEST 2013 on sn-devel-104
* dns: Add support for MX queriesKai Blin2013-05-161-0/+8
| | | | | | | | | | Due to an oversight, the internal DNS server supports MX record updates, but not MX record queries. Add support for MX queries and tests. This should fix bug #9485 Signed-off-by: Kai Blin <kai@samba.org> Reviewed-By: Amitay Isaacs <amitay@gmail.com>
* dns: Also add a print-out for the out_packetKai Blin2013-05-161-0/+4
| | | | | Signed-off-by: Kai Blin <kai@samba.org> Reviewed-By: Amitay Isaacs <amitay@gmail.com>
* dns: Use new DNS debugclass in DNS serverKai Blin2013-05-165-0/+15
| | | | | Signed-off-by: Kai Blin <kai@samba.org> Reviewed-By: Amitay Isaacs <amitay@gmail.com>
* s4-dns: dlz_bind9: Check result to avoid segfaultStefan Gohmann2013-03-091-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We saw this issue in a customer environment with many CNF objects. I wasn't able to reproduce it, but I got the following core dump: (gdb) directory samba4-4.0.0~rc6/source4/dns_server/ Source directories searched: /root/samba4-4.0.0~rc6/source4/dns_server:$cdir:$cwd (gdb) bt #0 0xb4b0bc13 in dlz_lookup_types (state=0x9648e48, zone=0xb659b9a8 "xxxxxx.xxxxx.de", name=0xb659bda8 "client9173", lookup=0xb6db7588, types=0x0) at ../source4/dns_server/dlz_bind9.c:830 #1 0xb4b0bdb8 in dlz_lookup (zone=0xb659b9a8 "xxxxxx.xxxxx.de", name=0xb659bda8 "client9173", dbdata=0x9648e48, lookup=0xb6db7588) at ../source4/dns_server/dlz_bind9.c:875 #2 0x080b43d8 in dlopen_dlz_lookup () #3 0xb7701755 in findnode () from /usr/lib/libdns.so.81 #4 0xb7701d22 in find () from /usr/lib/libdns.so.81 #5 0xb7639e5f in dns_db_find () from /usr/lib/libdns.so.81 #6 0x08075476 in query_find () #7 0x0807acb9 in ns_query_start () #8 0x08060712 in client_request () #9 0xb743022b in run () from /usr/lib/libisc.so.81 #10 0xb7216955 in start_thread () from /lib/i686/cmov/libpthread.so.0 #11 0xb706c1de in clone () from /lib/i686/cmov/libc.so.6 (gdb) f 0 #0 0xb4b0bc13 in dlz_lookup_types (state=0x9648e48, zone=0xb659b9a8 "xxxxxx.xxxxx.de", name=0xb659bda8 "client9173", lookup=0xb6db7588, types=0x0) at ../source4/dns_server/dlz_bind9.c:830 830 el = ldb_msg_find_element(res->msgs[0], "dnsRecord"); (gdb) p res->msgs $1 = (struct ldb_message **) 0x0 (gdb) p res->count $2 = 0 (gdb) Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4-dns: Fix format string vulnerability in an error message (bug #9354)Amitay Isaacs2012-11-041-4/+5
| | | | | | | | | | | | Also, fixes few comments. Thanks to Bruno Rohée <bruno@rohee.org> for reporting and patch fix. Signed-off-by: Amitay Isaacs <amitay@gmail.com> Reviewed-By: Kai Blin <kai@samba.org> Autobuild-User(master): Amitay Isaacs <amitay@samba.org> Autobuild-Date(master): Sun Nov 4 16:58:13 CET 2012 on sn-devel-104
* s4:dns_server: fix formatting difference compared to v4-0-testStefan Metzmacher2012-10-241-1/+2
| | | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Wed Oct 24 10:12:51 CEST 2012 on sn-devel-104
* dns_server: Try and use the dns-SERVER account if we were configured with itAndrew Bartlett2012-10-171-14/+47
|
* s4-dns: Fix the comments about ignoring zones in internal serverMatthieu Patou2012-10-131-1/+7
| | | | | | | Acked-By: Kai Blin <kai@samba.org> Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Sat Oct 13 12:37:53 CEST 2012 on sn-devel-104
* s4-dns: dlz_bind9: Ignore zones that are not used by BIND9 DLZ pluginAmitay Isaacs2012-10-091-0/+5
| | | | Signed-off-by: Amitay Isaacs <amitay@gmail.com>
* s4-dns: fix a warningMatthieu Patou2012-10-081-2/+1
| | | | | Autobuild-User(master): Matthieu Patou <mat@samba.org> Autobuild-Date(master): Mon Oct 8 10:45:41 CEST 2012 on sn-devel-104
* s4-dns: Ignore zones that shouldn't be returned currentlyMatthieu Patou2012-10-071-1/+7
| | | | | | | RootDNSServers should never be returned (Windows DNS server don't) ..TrustAnchors should never be returned as is, (Windows returns TrustAnchors) and for the moment we don't support DNSSEC so we'd better not return this zone.
* s4-dns: fix a non handled memory out of memoryMatthieu Patou2012-10-021-0/+1
| | | | | | | Signed-off-by: Kai Blin <kai@samba.org> Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Tue Oct 2 09:43:52 CEST 2012 on sn-devel-104
* s4 dns: Fix return code for deleted recordsKai Blin2012-09-301-1/+1
| | | | | | | | | | This fixes bug #9225. We already had a test for this scenario, but the test wasn't correct. This patch fixes the test, and also fixes the bug. Signed-off-by: Kai Blin <kai@samba.org> Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Sun Sep 30 13:09:14 CEST 2012 on sn-devel-104
* s4 dns: Get rid of deprecated allocation result checkKai Blin2012-09-301-1/+3
|
* s4:dns_server - introduce the wildcard binding featureMatthias Dieter Wallnöfer2012-09-231-10/+28
| | | | | | | | | | | | | We need the wildcard binding feature otherwise we might get bound to a private interface in case of multiple interfaces and no "interfaces" parameter in smb.conf. Code taken from source4/ldap_server/ldap_server.c Signed-off-by: Kai Blin <kai@samba.org> Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Sun Sep 23 23:44:03 CEST 2012 on sn-devel-104
* dns_server: Remove parameter 'dns recursive queries' and base this on 'dns ↵Andrew Bartlett2012-09-121-2/+3
| | | | | | | | | | forwarder' This simplifies a very common configuration. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s4:dns_server: remove wrong and unused dsdb_check_access_on_dn() checkStefan Metzmacher2012-09-121-16/+0
| | | | metze
* dns_server: Attempt to SET and UNSET the sessionInfo to match the incoming userAndrew Bartlett2012-09-121-2/+24
| | | | | | | | | | | | This avoids re-opening the DB as the correct user, but applies all the right ACLs and resulting owner. This needs a bit more testing... Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Kai Blin <kai@samba.org>
* s4 dns: Improve logging of delegated dns updatesKai Blin2012-09-121-1/+1
|
* s4 dns: Make debug output less noisyKai Blin2012-09-074-16/+16
| | | | | Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Fri Sep 7 00:31:56 CEST 2012 on sn-devel-104
* s4 dns: Check if signing user is allowed to update recordsKai Blin2012-09-061-16/+56
| | | | This should fix bug #9142
* selftest: Add tests for the dlz_bind9 moduleAndrew Bartlett2012-09-061-0/+7
| | | | | | | | This will help ensure that we do not break the fundemental loading etc. From here, it should be easy to extend this to more comprehensive tests. Andrew Bartlett
* s4 dns: Allow configuring signed updatesKai Blin2012-09-051-1/+6
| | | | | Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Wed Sep 5 20:42:46 CEST 2012 on sn-devel-104
* s4 dns: Make sure to remember incoming tkey nameKai Blin2012-09-051-0/+4
|
* s4 dns: Verify incoming TSIG signaturesKai Blin2012-09-054-0/+189
|
* s4 dns: Handle GSS-TSIG signature creationKai Blin2012-09-053-0/+144
|
* s4 dns: When we got a TKEY, we need to remember which key to use for signingKai Blin2012-09-052-2/+17
|
* s4 dns: TKEY record needs to remember incoming algorithmKai Blin2012-09-052-1/+10
| | | | Samba3 (and older windows versions) use gss.microsoft.com, win7 (and the RFC) use gss-tsig
* s4 dns: Move dns_find_tkey to an extra fileKai Blin2012-09-054-56/+88
|
* s4-dns: Fix linking the dns service.Andreas Schneider2012-09-051-1/+1
| | | | | Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Wed Sep 5 18:40:00 CEST 2012 on sn-devel-104
* s4 dns: Revert erroneous push from wrong branchKai Blin2012-09-057-461/+60
| | | | | | | I've pushed the wrong branch for this, sorry about that. Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Wed Sep 5 14:10:54 CEST 2012 on sn-devel-104
* s4 dns: Allow configuring signed updatesKai Blin2012-09-051-1/+6
| | | | | Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Wed Sep 5 10:45:22 CEST 2012 on sn-devel-104
* s4 dns: Make sure to remember incoming tkey nameKai Blin2012-09-051-0/+4
|
* more tsig_verify stuffKai Blin2012-09-053-12/+23
|
* drop meKai Blin2012-09-051-0/+3
|
* hack: dns_sign_tsig correct memcpyKai Blin2012-09-051-1/+1
|
* HACK remove debug statementKai Blin2012-09-051-1/+0
|
* s4 dns: Verify incoming TSIG signaturesKai Blin2012-09-054-9/+95
|
* s4 dns: Handle GSS-TSIG signaturesKai Blin2012-09-055-59/+352
|
* s4 dns: Store TKEYs in a ringbufferKai Blin2012-08-313-57/+106
| | | | | | | This stops us from potentially being DoSed by tons of TKEYs Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Fri Aug 31 22:46:01 CEST 2012 on sn-devel-104
* s4 dns: Negotiate GSSAPI-based TKEYsKai Blin2012-08-314-1/+254
| | | | | Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Fri Aug 31 10:38:35 CEST 2012 on sn-devel-104
* lib/param: move enum dns_update_settings to lib/paramChristian Ambach2012-08-062-26/+1
|
* lib/param: Create a seperate server role for "active directory domain ↵Andrew Bartlett2012-06-151-1/+1
| | | | | | | | | | | | | | | controller" This will allow us to detect from the smb.conf if this is a Samba4 AD DC which will allow smarter handling of (for example) accidentially starting smbd rather than samba. To cope with upgrades from existing Samba4 installs, 'domain controller' is a synonym of 'active directory domain controller' and new parameters 'classic primary domain controller' and 'classic backup domain controller' are added. Andrew Bartlett
* s4:dns-server: remove an extra blank line from handle_question()Michael Adam2012-06-061-1/+0
|
* s4 dns: Correctly handle A questions for CNAMEsKai Blin2012-06-061-5/+56
| | | | | | | | | | | | When an A/AAAA lookup is made for a name that actually is a CNAME record, we need to return the CNAME record, and then do the A/AAAA lookup for the name the CNAME points at. This still fails for CNAMEs pointing at records for domains we need to ask our forwarders for. Autobuild-User: Kai Blin <kai@samba.org> Autobuild-Date: Wed Jun 6 15:23:55 CEST 2012 on sn-devel-104
generated by cgit (git 2.34.1) at 2025-10-02 04:34:36 +0000