mirror of
https://github.com/samba-team/samba.git
synced 2024-12-22 13:34:15 +03:00
s4:dns_server: no-op dns updates with ACCESS_DENIED should be ignored
If the client does not have permissions to update the record,
but the record already has the data the update tries to apply,
it's a no-op that should result in success instead of failing.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13019
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Jun 6 03:18:16 UTC 2024 on atb-devel-224
(cherry picked from commit ed61c57e02
)
This commit is contained in:
parent
89817ed216
commit
df54d3fdda
@ -1,3 +0,0 @@
|
||||
^samba.tests.dns_tkey.__main__.TestDNSUpdates.test_update_tsig_windows.fl2008r2dc
|
||||
^samba.tests.dns_tkey.__main__.TestDNSUpdates.test_update_wo_tsig.fl2008r2dc
|
||||
^samba.tests.dns_tkey.__main__.TestDNSUpdates.test_update_tsig_record_access_denied.fl2008r2dc
|
@ -570,6 +570,8 @@ static WERROR handle_one_update(struct dns_server *dns,
|
||||
W_ERROR_NOT_OK_RETURN(werror);
|
||||
|
||||
for (i = first; i < rcount; i++) {
|
||||
struct dnsp_DnssrvRpcRecord orig_rec = recs[i];
|
||||
|
||||
if (!dns_record_match(&recs[i], &recs[rcount])) {
|
||||
continue;
|
||||
}
|
||||
@ -583,6 +585,15 @@ static WERROR handle_one_update(struct dns_server *dns,
|
||||
werror = dns_replace_records(dns, mem_ctx, dn,
|
||||
needs_add, recs, rcount);
|
||||
DBG_DEBUG("dns_replace_records(REPLACE): %s\n", win_errstr(werror));
|
||||
if (W_ERROR_EQUAL(werror, WERR_ACCESS_DENIED) &&
|
||||
!needs_add &&
|
||||
orig_rec.dwTtlSeconds == recs[i].dwTtlSeconds)
|
||||
{
|
||||
DBG_NOTICE("dns_replace_records(REPLACE): %s "
|
||||
"=> skip no-op\n",
|
||||
win_errstr(werror));
|
||||
werror = WERR_OK;
|
||||
}
|
||||
W_ERROR_NOT_OK_RETURN(werror);
|
||||
|
||||
return WERR_OK;
|
||||
|
Loading…
Reference in New Issue
Block a user