mirror of
https://github.com/samba-team/samba.git
synced 2024-12-22 13:34:15 +03:00
s4:dns_server: no-op dns updates with ACCESS_DENIED should be ignored
If the client does not have permissions to update the record, but the record already has the data the update tries to apply, it's a no-op that should result in success instead of failing. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13019 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Thu Jun 6 03:18:16 UTC 2024 on atb-devel-224
This commit is contained in:
parent
76fec2668e
commit
ed61c57e02
@ -1,3 +0,0 @@
|
|||||||
^samba.tests.dns_tkey.__main__.TestDNSUpdates.test_update_tsig_windows.fl2008r2dc
|
|
||||||
^samba.tests.dns_tkey.__main__.TestDNSUpdates.test_update_wo_tsig.fl2008r2dc
|
|
||||||
^samba.tests.dns_tkey.__main__.TestDNSUpdates.test_update_tsig_record_access_denied.fl2008r2dc
|
|
@ -570,6 +570,8 @@ static WERROR handle_one_update(struct dns_server *dns,
|
|||||||
W_ERROR_NOT_OK_RETURN(werror);
|
W_ERROR_NOT_OK_RETURN(werror);
|
||||||
|
|
||||||
for (i = first; i < rcount; i++) {
|
for (i = first; i < rcount; i++) {
|
||||||
|
struct dnsp_DnssrvRpcRecord orig_rec = recs[i];
|
||||||
|
|
||||||
if (!dns_record_match(&recs[i], &recs[rcount])) {
|
if (!dns_record_match(&recs[i], &recs[rcount])) {
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
@ -583,6 +585,15 @@ static WERROR handle_one_update(struct dns_server *dns,
|
|||||||
werror = dns_replace_records(dns, mem_ctx, dn,
|
werror = dns_replace_records(dns, mem_ctx, dn,
|
||||||
needs_add, recs, rcount);
|
needs_add, recs, rcount);
|
||||||
DBG_DEBUG("dns_replace_records(REPLACE): %s\n", win_errstr(werror));
|
DBG_DEBUG("dns_replace_records(REPLACE): %s\n", win_errstr(werror));
|
||||||
|
if (W_ERROR_EQUAL(werror, WERR_ACCESS_DENIED) &&
|
||||||
|
!needs_add &&
|
||||||
|
orig_rec.dwTtlSeconds == recs[i].dwTtlSeconds)
|
||||||
|
{
|
||||||
|
DBG_NOTICE("dns_replace_records(REPLACE): %s "
|
||||||
|
"=> skip no-op\n",
|
||||||
|
win_errstr(werror));
|
||||||
|
werror = WERR_OK;
|
||||||
|
}
|
||||||
W_ERROR_NOT_OK_RETURN(werror);
|
W_ERROR_NOT_OK_RETURN(werror);
|
||||||
|
|
||||||
return WERR_OK;
|
return WERR_OK;
|
||||||
|
Loading…
Reference in New Issue
Block a user