path: root/source4/dns_server
Commit message | Author | Age | Files | Lines
* s4-dns: Reload DNS zones from dsdb when zones are modified through RPC or DRS | Samuel Cabrero | 2014-12-22 | 1 | -38/+95
| Setup a RPC management call on the internal DNS server triggered a new LDB module which sniffs dnsZone object add, delete and modify operations. This way the notification is triggered when zones are modified either from RPC or replicated by inbound DRS.
|
| Signed-off-by: Samuel Cabrero <samuelcabrero@kernevil.me>
| (shadowed variable error corrected by abartlet)
| Signed-off-by: Andrew Bartlett <abartlet@samba.org>
| Reviewed-by: Andrew Bartlett <abartlet@samba.org>
| Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* dns_server: Only build common library if AD DC is enabled. | Andreas Schneider | 2014-11-26 | 1 | -1/+1
| Signed-off-by: Andreas Schneider <asn@samba.org>
| Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
| Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
| Autobuild-Date(master): Wed Nov 26 12:11:18 CET 2014 on sn-devel-104
* s4-dns: dlz-bind: Add trailing '.' to all fqdn strings | Amitay Isaacs | 2014-11-21 | 1 | -10/+45
| BIND 9.10.x is strict when sending records via putrr and putnamedrr.
|
| Bug: https://bugzilla.samba.org/show_bug.cgi?id=10620
|
| Thanks to Guenter Kukkukk for identifying the problem and resolution.
|
| Signed-off-by: Amitay Isaacs <amitay@gmail.com>
| Reviewed-by: Guenter Kukkukk <kukks@samba.org>
|
| Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
| Autobuild-Date(master): Fri Nov 21 06:14:55 CET 2014 on sn-devel-104
* s4:dns_server: allocate substructures of struct dns_request_state on the correct TALLOC_CTX | Stefan Metzmacher | 2014-11-18 | 4 | -3/+5
| Signed-off-by: Stefan Metzmacher <metze@samba.org>
| Reviewed-by: Amitay Isaacs <amitay@gmail.com>
* s4:dns_server: add some const to dns_server_process_update/dns_update_allowed arguments | Stefan Metzmacher | 2014-11-18 | 2 | -5/+5
| Signed-off-by: Stefan Metzmacher <metze@samba.org>
| Reviewed-by: Amitay Isaacs <amitay@gmail.com>
* dns: Fix a compile warning by casting explicitly | Kai Blin | 2014-10-30 | 2 | -5/+5
| Signed-off-by: Kai Blin <kai@samba.org>
| Reviewed-by: Jeremy Allison <jra@samba.org>
* s4-dns: Add support for BIND 9.10 | Amitay Isaacs | 2014-10-25 | 2 | -1/+28
| Signed-off-by: Amitay Isaacs <amitay@gmail.com>
| Reviewed-by: Matthieu Patou <mat@matws.net>
|
| Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
| Autobuild-Date(master): Sat Oct 25 05:42:19 CEST 2014 on sn-devel-104
* s4-dns: Update dlz_minimal.h based on BIND release 9.10 | Amitay Isaacs | 2014-10-25 | 1 | -54/+153
| Signed-off-by: Amitay Isaacs <amitay@gmail.com>
| Reviewed-by: Matthieu Patou <mat@matws.net>
* s4-dns: Check DLZ_DLOPEN_VERSION for different BIND versions | Amitay Isaacs | 2014-10-25 | 2 | -14/+10
| Signed-off-by: Amitay Isaacs <amitay@gmail.com>
| Reviewed-by: Matthieu Patou <mat@matws.net>
* s4:dlz_bind9: let dlz_bind9 use dns_common_lookup() before add/modify | Stefan Metzmacher | 2014-08-27 | 1 | -56/+21
| Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749
|
| Signed-off-by: Stefan Metzmacher <metze@samba.org>
| Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
| Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
| Autobuild-Date(master): Wed Aug 27 15:21:19 CEST 2014 on sn-devel-104
* s4:dlz_bind9: let dlz_bind9 use dns_common_lookup() before removing records | Stefan Metzmacher | 2014-08-27 | 1 | -46/+7
| Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749
|
| Signed-off-by: Stefan Metzmacher <metze@samba.org>
| Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:dlz_bind9: let dlz_bind9 use dns_common_replace() | Stefan Metzmacher | 2014-08-27 | 1 | -77/+50
| Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749
|
| Change-Id: I2fd2503230cbf89445594e49f39ac321769ff06e
| Signed-off-by: Stefan Metzmacher <metze@samba.org>
| Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:dlz_bind9: let dlz_bind9 use dns_common_extract() | Stefan Metzmacher | 2014-08-27 | 1 | -57/+61
| Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749
|
| Change-Id: I7c661964a3da1a1981f022a06b9bef25bbd33479
| Signed-off-by: Stefan Metzmacher <metze@samba.org>
| Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:dlz_bind9: let dlz_bind9 use dns_common_lookup() for name lookup | Stefan Metzmacher | 2014-08-27 | 2 | -53/+21
| Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749
|
| Change-Id: I2632fa0ce120a978f6f400fa5cbf18a7fbbd64a3
| Signed-off-by: Stefan Metzmacher <metze@samba.org>
| Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:dlz_bind9: do an early talloc_free(el_ctx) in dlz_allnodes() | Stefan Metzmacher | 2014-08-26 | 1 | -0/+2
| We don't have to keep everything around while walking the whole zone.
|
| Signed-off-by: Stefan Metzmacher <metze@samba.org>
| Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:dlz_bind9: avoid some compiler warnings | Stefan Metzmacher | 2014-08-26 | 2 | -4/+4
| Signed-off-by: Stefan Metzmacher <metze@samba.org>
| Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:dns_server: handle tombstones in handle_one_update() | Stefan Metzmacher | 2014-08-26 | 1 | -16/+25
| Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749
|
| Signed-off-by: Stefan Metzmacher <metze@samba.org>
| Reviewed-by: Michael Adam <obnox@samba.org>
| Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:dns_server: add DNS_TYPE_TOMBSTONE support to dns_common_replace() | Stefan Metzmacher | 2014-08-26 | 1 | -4/+77
| Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749
|
| Pair-Programmed-With: Michael Adam <obnox@samba.org>
| Signed-off-by: Stefan Metzmacher <metze@samba.org>
| Signed-off-by: Michael Adam <obnox@samba.org>
| Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:dns_server: make sure dns_common_lookup() doesn't return tombstones | Stefan Metzmacher | 2014-08-26 | 3 | -6/+53
| Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749
|
| Signed-off-by: Stefan Metzmacher <metze@samba.org>
| Reviewed-by: Michael Adam <obnox@samba.org>
| Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:dns_server: use .wType = DNS_TYPE_TOMBSTONE instead of ZERO_STRUCT() | Stefan Metzmacher | 2014-08-26 | 1 | -5/+15
| The result is the same, but it is clearer.
|
| Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749
|
| Signed-off-by: Stefan Metzmacher <metze@samba.org>
| Reviewed-by: Michael Adam <obnox@samba.org>
| Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:dns_server: split out dns_common_replace() | Stefan Metzmacher | 2014-08-26 | 4 | -68/+90
| Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749
|
| Signed-off-by: Stefan Metzmacher <metze@samba.org>
| Reviewed-by: Michael Adam <obnox@samba.org>
| Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:dns_server: remove const from dns_replace_records() | Stefan Metzmacher | 2014-08-26 | 2 | -2/+2
| All callers are fine with the record array getting modified.
|
| Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749
|
| Signed-off-by: Stefan Metzmacher <metze@samba.org>
| Reviewed-by: Michael Adam <obnox@samba.org>
| Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:dns_server: split out dns_common_extract() and dns_common_lookup() | Stefan Metzmacher | 2014-08-26 | 3 | -44/+92
| Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749
|
| Signed-off-by: Stefan Metzmacher <metze@samba.org>
| Reviewed-by: Michael Adam <obnox@samba.org>
| Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:dns_server: split out a private 'dnsserver_common' library | Stefan Metzmacher | 2014-08-26 | 5 | -36/+105
| This will contain common code for the internal dns server, the dlz_bind9 module and the rpc dns management server.
|
| Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749
|
| Signed-off-by: Stefan Metzmacher <metze@samba.org>
| Reviewed-by: Michael Adam <obnox@samba.org>
| Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:dns_server: map LDB_ERR_NO_SUCH_OBJECT to WERR_DNS_ERROR_NAME_DOES_NOT_EXIST | Stefan Metzmacher | 2014-08-26 | 2 | -14/+24
| This is the correct fix for commit 8b24c43b382740106474e26dec59e1419ba77306 and Bug: https://bugzilla.samba.org/show_bug.cgi?id=9559
|
| With this change we have a consistent behavior between internal server and the bind dlz module. We keep a dangling LDAP object without dnsRecord attribute around forever. This will be fixed in the following commits.
|
| Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749
|
| Signed-off-by: Stefan Metzmacher <metze@samba.org>
| Reviewed-by: Michael Adam <obnox@samba.org>
| Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:dns_server: handle WERR_DNS_ERROR_NAME_DOES_NOT_EXIST in werr_to_dns_err() | Stefan Metzmacher | 2014-08-26 | 1 | -0/+2
| Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749
|
| Signed-off-by: Stefan Metzmacher <metze@samba.org>
| Reviewed-by: Michael Adam <obnox@samba.org>
| Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3/s4: smbd, rpc, ldap, cldap, kdc services. | Jeremy Allison | 2014-06-07 | 1 | -1/+8
| Allow us to start if we bind to *either* :: or 0.0.0.0. Allows us to cope with systems configured as only IPv4 or only IPv6.
|
| Signed-off-by: Jeremy Allison <jra@samba.org>
| Reviewed-By: Amitay Isaacs <amitay@gmail.com>
| Reviewed-By: Alexander Bokovoy <ab@samba.org>
|
| Autobuild-User(master): Jeremy Allison <jra@samba.org>
| Autobuild-Date(master): Sat Jun 7 01:01:44 CEST 2014 on sn-devel-104
* s4-dns: dlz_bind9: improve log message consistency | Arvid Requate | 2014-05-26 | 1 | -4/+4
| Change-Id: I0a12c048fd4e667b9aa0777f99c8f8306fc090ea
| Signed-off-by: Arvid Requate <requate@univention.de>
| Reviewed-by: Andrew Bartlett <abartlet@samba.org>
| Reviewed-by: Kai Blin <kai@samba.org>
|
| Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
| Autobuild-Date(master): Mon May 26 05:55:46 CEST 2014 on sn-devel-104
* s4-dns: dlz_bind9: Fix ipv6 updates | Arvid Requate | 2014-05-26 | 1 | -1/+5
| b9_record_match needs to consider all allowed representations of IPv6 addresses (RFC 2373), otherwise DNS subtractrdataset operations fail due to differences in zero padding between bind9 frontend and ndr_pull of a dnsp_DnssrvRpcRecord structure.
|
| Change-Id: Ic0a1b16008458993dc644646d7f4ae3d3a3c5fed
| Signed-off-by: Arvid Requate <requate@univention.de>
| Reviewed-by: Andrew Bartlett <abartlet@samba.org>
| Reviewed-by: Kai Blin <kai@samba.org>
| Reviewed-by: Guenter Kukkukk <kukks@samba.org>
* bug #10609: CVE-2014-0239 Don't reply to replies | Kai Blin | 2014-05-20 | 1 | -0/+6
| Due to insufficient input checking, the DNS server will reply to a packet that has the "reply" bit set. Over UDP, this allows to send a packet with a spoofed sender address and have two servers DOS each other with circular replies.
|
| This patch fixes bug #10609 and adds a test to make sure we don't regress. CVE-2014-2039 has been assigned to this issue.
|
| Bug: https://bugzilla.samba.org/show_bug.cgi?id=10609
|
| Signed-off-by: Kai Blin <kai@samba.org>
| Reviewed-by: Stefan Metzmacher <metze@samba.org>
|
| Autobuild-User(master): Kai Blin <kai@samba.org>
| Autobuild-Date(master): Tue May 20 04:15:44 CEST 2014 on sn-devel-104
* kerberos: Remove un-used event context argument from smb_krb5_init_context() | Andrew Bartlett | 2014-04-28 | 1 | -1/+1
| The event context here was only specified in the server or admin-tool context, which does not do network communication, so this only caused a talloc_reference() and never any useful result.
|
| The actual network communication code sets an event context directly before making the network call.
|
| Andrew Bartlett
|
| Signed-off-by: Andrew Bartlett <abartlet@samba.org>
| Reviewed-by: Jeremy Allison <jra@samba.org>
|
| Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
| Autobuild-Date(master): Mon Apr 28 02:24:57 CEST 2014 on sn-devel-104
* s4:dns_server: make use of gensec_update_ev() | Stefan Metzmacher | 2014-03-27 | 2 | -3/+3
| Signed-off-by: Stefan Metzmacher <metze@samba.org>
| Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:lib/socket: simplify iface_list_wildcard() and its callers | Stefan Metzmacher | 2014-03-07 | 1 | -4/+4
| Bug: https://bugzilla.samba.org/show_bug.cgi?id=10464
|
| Signed-off-by: Stefan Metzmacher <metze@samba.org>
| Change-Id: Ib317d71dea01fc8ef6b6a26455f15a8a175d59f6
| Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
| Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
| Autobuild-Date(master): Fri Mar 7 02:18:17 CET 2014 on sn-devel-104
* bug #10471: Don't respond with NXDOMAIN to records that exist with another type | Kai Blin | 2014-03-04 | 1 | -6/+8
| DNS queries for records with the wrong type need to trigger an empty response with RCODE_OK instead of returning NXDOMAIN.
|
| This adds a test and fixes bug #10471
|
| Signed-off-by: Kai Blin <kai@samba.org>
| Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4-dns: Ignore duplicate dns zones from multiple locations in dlz_bind9 | Amitay Isaacs | 2013-11-30 | 1 | -0/+55
| BIND DLZ module currently loads DNS zones from DNS partitions and domain partitions using following prefixes:
|
|   CN=MicrosoftDNS,DC=DomainDnsZones
|   CN=MicrosoftDNS,DC=ForestDNSZones
|   CN=MicrosoftDNS,CN=System
|
| Windows supports DNS zones duplicated in DNS partitions and domain partition and updates both of them simultaneously. BIND DLZ module can handle DNS zones stored either in DNS partitions or domain partition, but not both.
|
| This patch ignores duplicate zones from domain partition and allows BIND9 to work with AD with duplicate DNS zones.
|
| Signed-off-by: Amitay Isaacs <amitay@gmail.com>
| Reviewed-by: Kai Blin <kai@samba.org>
* dns: Update TODO list | Kai Blin | 2013-07-29 | 1 | -8/+5
| A lot of the todo items have been resolved, avoid confusing people.
|
| Signed-off-by: Kai Blin <kai@samba.org>
| Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
| Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
| Autobuild-Date(master): Mon Jul 29 09:12:17 CEST 2013 on sn-devel-104
* dns: Delete dnsNode objects when they are empty | Kai Blin | 2013-06-01 | 1 | -1/+7
| If an update leaves the dnsNode without any entries, the dnsNode object should be deleted. Thanks to Günter Kukkukk for his excellent debugging work on this one.
|
| This should fix bug #9559
|
| Signed-off-by: Kai Blin <kai@samba.org>
| Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* dns: Support larger queries when asking forwarder | Kai Blin | 2013-05-26 | 4 | -0/+40
| This should fix bug #9632
|
| Signed-off-by: Kai Blin <kai@samba.org>
| Reviewed-by: Michael Adam <obnox@samba.org>
* dns: Also print packet information for DBGC_DNS | Kai Blin | 2013-05-18 | 1 | -5/+5
| Signed-off-by: Kai Blin <kai@samba.org>
| Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
| Autobuild-User(master): Kai Blin <kai@samba.org>
| Autobuild-Date(master): Sat May 18 12:48:15 CEST 2013 on sn-devel-104
* dns: Add support for MX queries | Kai Blin | 2013-05-16 | 1 | -0/+8
| Due to an oversight, the internal DNS server supports MX record updates, but not MX record queries. Add support for MX queries and tests.
|
| This should fix bug #9485
|
| Signed-off-by: Kai Blin <kai@samba.org>
| Reviewed-By: Amitay Isaacs <amitay@gmail.com>
* dns: Also add a print-out for the out_packet | Kai Blin | 2013-05-16 | 1 | -0/+4
| Signed-off-by: Kai Blin <kai@samba.org>
| Reviewed-By: Amitay Isaacs <amitay@gmail.com>
* dns: Use new DNS debugclass in DNS server | Kai Blin | 2013-05-16 | 5 | -0/+15
| Signed-off-by: Kai Blin <kai@samba.org>
| Reviewed-By: Amitay Isaacs <amitay@gmail.com>
* s4-dns: dlz_bind9: Check result to avoid segfault | Stefan Gohmann | 2013-03-09 | 1 | -1/+1
| We saw this issue in a customer environment with many CNF objects. I wasn't able to reproduce it, but I got the following core dump:
|
| (gdb) directory samba4-4.0.0~rc6/source4/dns_server/
| Source directories searched: /root/samba4-4.0.0~rc6/source4/dns_server:$cdir:$cwd
| (gdb) bt
| #0 0xb4b0bc13 in dlz_lookup_types (state=0x9648e48, zone=0xb659b9a8 "xxxxxx.xxxxx.de", name=0xb659bda8 "client9173", lookup=0xb6db7588, types=0x0) at ../source4/dns_server/dlz_bind9.c:830
| #1 0xb4b0bdb8 in dlz_lookup (zone=0xb659b9a8 "xxxxxx.xxxxx.de", name=0xb659bda8 "client9173", dbdata=0x9648e48, lookup=0xb6db7588) at ../source4/dns_server/dlz_bind9.c:875
| #2 0x080b43d8 in dlopen_dlz_lookup ()
| #3 0xb7701755 in findnode () from /usr/lib/libdns.so.81
| #4 0xb7701d22 in find () from /usr/lib/libdns.so.81
| #5 0xb7639e5f in dns_db_find () from /usr/lib/libdns.so.81
| #6 0x08075476 in query_find ()
| #7 0x0807acb9 in ns_query_start ()
| #8 0x08060712 in client_request ()
| #9 0xb743022b in run () from /usr/lib/libisc.so.81
| #10 0xb7216955 in start_thread () from /lib/i686/cmov/libpthread.so.0
| #11 0xb706c1de in clone () from /lib/i686/cmov/libc.so.6
| (gdb) f 0
| #0 0xb4b0bc13 in dlz_lookup_types (state=0x9648e48, zone=0xb659b9a8 "xxxxxx.xxxxx.de", name=0xb659bda8 "client9173", lookup=0xb6db7588, types=0x0) at ../source4/dns_server/dlz_bind9.c:830
| 830 el = ldb_msg_find_element(res->msgs[0], "dnsRecord");
| (gdb) p res->msgs
| $1 = (struct ldb_message **) 0x0
| (gdb) p res->count
| $2 = 0
| (gdb)
|
| Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4-dns: Fix format string vulnerability in an error message (bug #9354) | Amitay Isaacs | 2012-11-04 | 1 | -4/+5
| Also, fixes few comments.
|
| Thanks to Bruno Rohée <bruno@rohee.org> for reporting and patch fix.
|
| Signed-off-by: Amitay Isaacs <amitay@gmail.com>
| Reviewed-By: Kai Blin <kai@samba.org>
|
| Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
| Autobuild-Date(master): Sun Nov 4 16:58:13 CET 2012 on sn-devel-104
* s4:dns_server: fix formatting difference compared to v4-0-test | Stefan Metzmacher | 2012-10-24 | 1 | -1/+2
| Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
| Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
| Autobuild-Date(master): Wed Oct 24 10:12:51 CEST 2012 on sn-devel-104
* dns_server: Try and use the dns-SERVER account if we were configured with it | Andrew Bartlett | 2012-10-17 | 1 | -14/+47
* s4-dns: Fix the comments about ignoring zones in internal server | Matthieu Patou | 2012-10-13 | 1 | -1/+7
| Acked-By: Kai Blin <kai@samba.org>
|
| Autobuild-User(master): Kai Blin <kai@samba.org>
| Autobuild-Date(master): Sat Oct 13 12:37:53 CEST 2012 on sn-devel-104
* s4-dns: dlz_bind9: Ignore zones that are not used by BIND9 DLZ plugin | Amitay Isaacs | 2012-10-09 | 1 | -0/+5
| Signed-off-by: Amitay Isaacs <amitay@gmail.com>
* s4-dns: fix a warning | Matthieu Patou | 2012-10-08 | 1 | -2/+1
| Autobuild-User(master): Matthieu Patou <mat@samba.org>
| Autobuild-Date(master): Mon Oct 8 10:45:41 CEST 2012 on sn-devel-104
* s4-dns: Ignore zones that shouldn't be returned currently | Matthieu Patou | 2012-10-07 | 1 | -1/+7
| RootDNSServers should never be returned (Windows DNS server don't)
| ..TrustAnchors should never be returned as is, (Windows returns TrustAnchors) and for the moment we don't support DNSSEC so we'd better not return this zone.