1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00
Commit Graph

419 Commits

Author SHA1 Message Date
Stefan Metzmacher
ed61c57e02 s4:dns_server: no-op dns updates with ACCESS_DENIED should be ignored
If the client does not have permissions to update the record,
but the record already has the data the update tries to apply,
it's a no-op that should result in success instead of failing.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13019

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Jun  6 03:18:16 UTC 2024 on atb-devel-224
2024-06-06 03:18:16 +00:00
Stefan Metzmacher
76fec2668e s4:dns_server: correctly sign dns update responses with gss-tsig like Windows
This means we no longer generate strange errors/warnings
in the Windows event log nor in the nsupdate -g output.

Note: this is a only difference between gss-tsig and
the legacy gss.microsoft.com algorithms.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13019

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-06-06 02:13:33 +00:00
Stefan Metzmacher
db350bc573 s4:dns_server: dns_verify_tsig should return REFUSED on error
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13019

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-06-06 02:13:33 +00:00
Stefan Metzmacher
5906ed94f2 s4:dns_server: also search DNS_QTYPE_TKEY in the answers section if it's the last section
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13019

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-06-06 02:13:33 +00:00
Stefan Metzmacher
ae7538af04 s4:dns_server: use tkey->algorithm if available in dns_sign_tsig()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13019

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-06-06 02:13:33 +00:00
Stefan Metzmacher
bd0235cd51 s4:dns_server: use the client provided algorithm for the fake TSIG structure
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13019

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-06-06 02:13:33 +00:00
Stefan Metzmacher
3467d14914 s4:dns_server: only allow gss-tsig and gss.microsoft.com for TSIG
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13019

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-06-06 02:13:33 +00:00
Stefan Metzmacher
fa0f23e69e s4:dns_server: only allow gss-tsig and gss.microsoft.com for TKEY
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13019

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-06-06 02:13:33 +00:00
Stefan Metzmacher
a56627b0d1 s4:dns_server: failed dns updates should result in REFUSED for ACCESS_DENIED
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13019

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-06-06 02:13:33 +00:00
Andreas Schneider
cb9ff7b4c5 s4:rpc_server: Use lpcfg_dns_hostname() in dns_server.c
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-05-22 20:33:36 +00:00
Andreas Schneider
8ae565a14b s4:dns_server: Use lpcfg_dns_hostname() in dlz_bind9.c
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-05-22 20:33:36 +00:00
Douglas Bagnall
dde973d170 s4:dns_server: less noisy, more informative debug messages
This shouldn't have been DBG_ERR, and it might as well say something
about the tombstone.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15630

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Apr 12 15:18:05 UTC 2024 on atb-devel-224
2024-04-12 15:18:05 +00:00
Douglas Bagnall
42ead21348 s4:dns_server: use NUMERIC_CMP in rec_cmp()
dnsp_DnssrvRpcRecord.dwTimeStamp is uint32_t, making overflow possible.

dnsp_DnssrvRpcRecord.wType is an enum, which has the size of an int,
though it may be hard to set it to overflowing values.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-04-10 22:56:33 +00:00
Douglas Bagnall
ee4ebcccd7 s4: use numeric_cmp in dns_common_sort_zones()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-04-10 22:56:33 +00:00
Andrew Bartlett
784ee21616 pyldb: Include a reference to the Ldb in objects that use
This will help avoid use-after-free of the internally cached ldb within
struct ldb_dn by ensuring that it lives as long.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2024-04-10 05:13:32 +00:00
Andrew Bartlett
8b0d00a8e3 pyldb: Move PyErr_LDB_OR_RAISE() and PyErr_LDB_DN_OR_RAISE() into pyldb.h
While these style of macros are against our coding style, it is still better
to have them in a single place, and while pyldb.h is technically public
Samba is the only user of the C bindings.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2024-03-03 22:33:35 +00:00
Andrew Bartlett
6c3ca9e496 dns: Use pyldb_check_type() in PyErr_LDB_DN_OR_RAISE()
This prepares to move this macro into pyldb.h

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2024-03-03 22:33:35 +00:00
Andrew Bartlett
0839999c94 dns: Use pyldb_Ldb_AsLdbContext() in PyErr_LDB_OR_RAISE()
This prepares to move this macro into pyldb.h

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2024-03-03 22:33:35 +00:00
Andreas Schneider
9621a3d7a6 Use python.h from libreplace
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15513

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-11-20 15:37:33 +00:00
Douglas Bagnall
ffdd9ddeae s4:dns_server: loudly warn when a tombstone record has other records
This shouldn't happen -- that is, there should never be non-tombstone
records in conjunction with a tombstone record -- and if it does, the
situation should resolve itself here. But the flow is confusing and
strange things sometimes happen often enough that it would be helpful
to know if this ever occurs.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-10-26 01:24:32 +00:00
Ralph Boehme
4d1088faea libcli/util: add struct tstream_context to tstream_read_pdu_blob_full_fn_t
Add struct tstream_context to tstream_read_pdu_blob_full_fn_t and update
all callers of tstream_read_pdu_blob_send() to use the correct callback.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-10-25 22:23:38 +00:00
Stefan Metzmacher
341e800dfe s4:dns_server: make use of tstream_bsd_fail_readv_first_error(true)
This avoids doing useless work in case the client connection
is already broken.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-10-24 09:36:37 +00:00
Joseph Sutton
1ad4dd9288 s4:dns_server: Check return value of ldb_transaction_commit() (CID 1034631)
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-10-13 02:18:31 +00:00
Joseph Sutton
d3b1aa6359 s4:dns_server: Merge similar code paths
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-10-13 02:18:31 +00:00
Andrew Bartlett
f1fcbc0f10 s4-auth: pass lp_ctx to auth_generate_session_info() where possible
For non-testing callers of auth_generate_session_info(), passing
lp_ctx will allow us to correctly set a flag indicating if claims
should be evaluated.

For testing applications, the default will allow safe operation
inspecting the SID list.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2023-09-26 23:45:35 +00:00
Joseph Sutton
8a93a4fa6c s4:dns_server: Fix code spelling
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-09-11 02:42:41 +00:00
Joseph Sutton
1e753542aa s4:dns_server: Add missing newline to logging message
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:38 +00:00
Andreas Schneider
ed3c1fcb87 s4:dns_server: Fix code spelling
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
2023-08-03 14:31:34 +00:00
Stefan Metzmacher
40fb810de3 s4:dns_server: Add some more debugging in order to find problems with level 10 logs
We had customer problems where level 10 logs were not good enough in
order to find the reason for failing dns updates.

With the new debug message there's at least a chance to
find out what the problem could be.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2023-07-19 09:58:37 +00:00
Stefan Metzmacher
76b0530e67 s4:dns_server: defer calling werr_to_dns_err() in a central place
The WERROR codes are much more verbose and it's better to
keep them until we really need the mapping to DNS error codes.

This will allow us to create much better debug messages in
the next commit.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2023-07-19 09:58:37 +00:00
Björn Jacke
fa700369a9 dns_update.c: use DBG* macros instead of static log level numbers
Some log levels change because the macros don't cover all the previously used
log levels or because importance was slightly reconsidered.

Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-06-16 20:28:29 +00:00
Joseph Sutton
f414bead52 s4:dnsserver: Check all records, not just one
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-03-03 01:07:36 +00:00
Joseph Sutton
14d94460ca auth: Pass through entire PAC flags value in auth_user_info
Besides the NETLOGON_GUEST bit indicating whether the user has been
authenticated, we now carry all of the other bits as well. This lets us
match Windows' behaviour of simply passing these bits through to an
updated PAC when processing a TGS-REQ.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-02-08 00:03:39 +00:00
Samuel Cabrero
fcecdfa8e5 s4:dnsserver: Rename dns_name_equal() to samba_dns_name_equal()
This function already exists in bind9 but takes different arguments, so when
the DLZ is loaded and this function is called bind crashes:

  named[1523]: samba_dlz: allowing update of signer=DESKTOP-8BUKMBK\$\@AFOREST.AD name=118.101.168.192.in-addr.arpa tcpaddr=192.168.101.118  type=PTR key=1264-ms-7.1-2ac9.9ef238e1-9747-11ed-9f95-525400dc6981/159/0
  named[1523]: samba_dlz: allowing update of signer=DESKTOP-8BUKMBK\$\@AFOREST.AD name=118.101.168.192.in-addr.arpa tcpaddr=192.168.101.118  type=PTR key=1264-ms-7.1-2ac9.9ef238e1-9747-11ed-9f95-525400dc6981/159/0
  named[1523]: client @0x7f26caa90f68 192.168.101.118#58223/key DESKTOP-8BUKMBK\$\@AFOREST.AD: updating zone '101.168.192.in-addr.arpa/NONE': deleting rrset at '118.101.168.192.in-addr.ar
  named[1523]: name.c:664: REQUIRE(((name1) != ((void *)0) && ((const isc__magic_t *)(name1))->magic == ((('D') << 24 | ('N') << 16 | ('S') << 8 | ('n'))))) failed, back trace

Backtrace:

  #0  0x00007f2716c957ec in __pthread_kill_implementation () from /lib64/libc.so.6
  #1  0x00007f2716c42816 in raise () from /lib64/libc.so.6
  #2  0x00007f2716c2b81c in abort () from /lib64/libc.so.6
  #3  0x000055d4de847995 in assertion_failed (file=<optimized out>, line=<optimized out>,
      type=<optimized out>, cond=<optimized out>) at /usr/src/debug/bind-9.18.10/bin/named/main.c:237
  #4  0x00007f27176388fc in isc_assertion_failed (file=file@entry=0x7f27173b0df6 "name.c",
      line=line@entry=664, type=type@entry=isc_assertiontype_require,
      cond=cond@entry=0x7f27173b0268 "((name1) != ((void *)0) && ((const isc__magic_t *)(name1))->magic == ((('D') << 24 | ('N') << 16 | ('S') << 8 | ('n'))))")
      at /usr/src/debug/bind-9.18.10/lib/isc/assertions.c:48
  #5  0x00007f27172946f9 in dns_name_equal (name1=<optimized out>, name2=<optimized out>)
      at /usr/src/debug/bind-9.18.10/lib/dns/name.c:664

  **** Here bind's dns_name_equal() is called instead of samba's dns_name_equal() ****

  #6  0x00007f27077ad6f2 in dns_record_match (rec1=0x7f26f8042d70, rec2=0x7f26f8044d10)
      at ../../source4/dns_server/dnsserver_common.c:1346
  #7  0x00007f271404732c in b9_record_match (rec1=0x7f26f8042d70, rec2=0x7f26f8044d10)
      at ../../source4/dns_server/dlz_bind9.c:1830
  #8  0x00007f2714047daa in dlz_subrdataset (name=0x7f2706ff82f0 "118.101.168.192.in-addr.arpa",
      rdatastr=0x7f26c9c10000 "118.101.168.192.in-addr.arpa.\t1200\tIN\tPTR\tDESKTOP-8BUKMBK.aforest.ad.",
      dbdata=0x7f271003d300, version=0x7f26f8044b20) at ../../source4/dns_server/dlz_bind9.c:2077
  #9  0x000055d4de84afb4 in dlopen_dlz_subrdataset (name=0x7f2706ff82f0 "118.101.168.192.in-addr.arpa",
      rdatastr=<optimized out>, driverarg=<optimized out>, dbdata=0x7f270430f680, version=<optimized out>)
      at /usr/src/debug/bind-9.18.10/bin/named/dlz_dlopen_driver.c:483
  #10 0x00007f271738e734 in modrdataset.constprop.0 (db=0x7f2704291740, node=0x7f26c9c006e0,
      version=0x7f26f8044b20, rdataset=0x7f2706ff8830,
      mod_function=0x55d4de84af80 <dlopen_dlz_subrdataset>, options=<optimized out>)
      at /usr/src/debug/bind-9.18.10/lib/dns/sdlz.c:1107
  #11 0x00007f2717251855 in diff_apply (diff=diff@entry=0x7f2706ff8df0, db=db@entry=0x7f2704291740,
      ver=ver@entry=0x7f26f8044b20, warn=warn@entry=true) at /usr/src/debug/bind-9.18.10/lib/dns/diff.c:370
  #12 0x00007f2717251c8a in dns_diff_apply (diff=diff@entry=0x7f2706ff8df0, db=db@entry=0x7f2704291740,
      ver=ver@entry=0x7f26f8044b20) at /usr/src/debug/bind-9.18.10/lib/dns/diff.c:465
  #13 0x00007f2717d105aa in do_one_tuple (tuple=tuple@entry=0x7f2706ff8e50, db=db@entry=0x7f2704291740,
      ver=ver@entry=0x7f26f8044b20, diff=diff@entry=0x7f2706ff9400)
      at /usr/src/debug/bind-9.18.10/lib/ns/update.c:454
  #14 0x00007f2717d10fff in update_one_rr (rdata=0x7f2706ff8ee8, ttl=<optimized out>,
      name=<optimized out>, op=DNS_DIFFOP_DEL, diff=0x7f2706ff9400, ver=0x7f26f8044b20, db=0x7f2704291740)
      at /usr/src/debug/bind-9.18.10/lib/ns/update.c:505
  #15 delete_if_action (data=<optimized out>, rr=0x7f2706ff8ee0)
      at /usr/src/debug/bind-9.18.10/lib/ns/update.c:1427
  #16 0x00007f2717d10ccd in foreach_rr (db=0x7f2704291740, ver=<optimized out>, name=0x7f26caa61d00,
      type=<optimized out>, covers=<optimized out>,
      rr_action=rr_action@entry=0x7f2717d10f60 <delete_if_action>, rr_action_data=0x7f2706ff9280)
      at /usr/src/debug/bind-9.18.10/lib/ns/update.c:736
  #17 0x00007f2717d10e76 in delete_if (predicate=predicate@entry=0x7f2717d0fb10 <true_p>,
      db=<optimized out>, ver=<optimized out>, name=<optimized out>, type=<optimized out>,
      covers=<optimized out>, update_rr=0x7f2706ff94b0, diff=0x7f2706ff9400)
      at /usr/src/debug/bind-9.18.10/lib/ns/update.c:1454
  #18 0x00007f2717d1bccd in update_action (task=<optimized out>, event=<optimized out>)
      at /usr/src/debug/bind-9.18.10/lib/ns/update.c:3299
  #19 0x00007f271765eb4c in task_run (task=0x7f27155ccf00)
      at /usr/src/debug/bind-9.18.10/lib/isc/task.c:823
  #20 isc_task_run (task=0x7f27155ccf00) at /usr/src/debug/bind-9.18.10/lib/isc/task.c:904
  #21 0x00007f271762cb12 in isc__nm_async_task (worker=0x7f2716236560, ev0=0x7f26caa07000)
      at netmgr/netmgr.c:840
  #22 process_netievent (worker=worker@entry=0x7f2716236560, ievent=0x7f26caa07000) at netmgr/netmgr.c:918
  #23 0x00007f271762d197 in process_queue (worker=worker@entry=0x7f2716236560,
      type=type@entry=NETIEVENT_TASK) at netmgr/netmgr.c:1011
  #24 0x00007f271762d3b3 in process_all_queues (worker=0x7f2716236560) at netmgr/netmgr.c:765
  #25 async_cb (handle=0x7f27162368c0) at netmgr/netmgr.c:794
  #26 0x00007f2717c4cb0d in uv__async_io (loop=0x7f2716236570, w=<optimized out>, events=<optimized out>)
      at src/unix/async.c:163
  #27 0x00007f2717c6825d in uv__io_poll (loop=0x7f2716236570, timeout=<optimized out>)
      at src/unix/epoll.c:374
  #28 0x00007f2717c5247a in uv__io_poll (timeout=<optimized out>, loop=0x7f2716236570)
      at src/unix/udp.c:122
  #29 uv_run (loop=loop@entry=0x7f2716236570, mode=mode@entry=UV_RUN_DEFAULT) at src/unix/core.c:406
  #30 0x00007f271762d834 in nm_thread (worker0=0x7f2716236560) at netmgr/netmgr.c:696
  #31 0x00007f27176627f5 in isc__trampoline_run (arg=0x55d4dfe3ad70)
      at /usr/src/debug/bind-9.18.10/lib/isc/trampoline.c:189
  #32 0x00007f2716c9398d in start_thread () from /lib64/libc.so.6
  #33 0x00007f2716d19344 in clone () from /lib64/libc.so.6

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14030

Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>

Autobuild-User(master): Samuel Cabrero <scabrero@samba.org>
Autobuild-Date(master): Thu Jan 19 10:20:27 UTC 2023 on atb-devel-224
2023-01-19 10:20:27 +00:00
Volker Lendecke
c86112fe90 dns_server: Use talloc_asprintf_addbuf() in b9_format()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-12-14 04:32:34 +00:00
Joseph Sutton
0a3aa5f908 CVE-2022-32746 ldb: Make use of functions for appending to an ldb_message
This aims to minimise usage of the error-prone pattern of searching for
a just-added message element in order to make modifications to it (and
potentially finding the wrong element).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15009

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
2022-07-27 10:52:36 +00:00
Douglas Bagnall
8261545a0f bind_dlz: some commentary for b9_format
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-06-17 01:28:30 +00:00
Douglas Bagnall
f1017c6f2d dns/dlz: remember old timestamp for dynamic records
If we don't tell dns_common_replace() the old timestamp, it will
think the node is static because the timestamp is 0.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15040

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-06-17 01:28:30 +00:00
Michael Saxl
590d2e169c dlz_bind9: call dns_name_is_static before adding space for record
dns_name_is_static is called after adding a uninitialized element to
recs. There is a chance that the uninizialized memory reads a element
with dwTimeStamp=0 and wType!=0. In that case dns_name_is_static will
return true

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15040

Signed-off-by: Michael Saxl <mike@mwsys.mine.bz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-06-17 01:28:30 +00:00
Douglas Bagnall
03036442de s4/dlz: add support for bind 9.18
It seems nothing has changed since 9.16 for our purposes.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14986

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Signed-off-by: Andreas Hasenack <andreas@canonical.com>
Pair-programmed-with: Andreas Hasenack <andreas@canonical.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Mon May 23 00:53:09 UTC 2022 on sn-devel-184
2022-05-23 00:53:09 +00:00
Thomas Debesse
206909d52b s4: dns: Add customizable dns port option
Signed-off-by: Thomas Debesse <dev@illwieckz.net>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Mar 25 20:25:28 UTC 2022 on sn-devel-184
2022-03-25 20:25:28 +00:00
Andreas Schneider
116123e921 s4:dns_server: Remove less-than-zero comparison of an unsigned value
This will never be true. Found by covscan

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-12-15 19:32:30 +00:00
Joseph Sutton
3d490c225b s4/dnsserver: Fix NULL check
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-09-04 00:10:37 +00:00
Joseph Sutton
15f0d34d34 s4/dnsserver: Don't call memcpy() with a NULL pointer
Doing so is undefined behaviour.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-09-04 00:10:37 +00:00
Douglas Bagnall
6d216dc365 dns update: zero flags and reserved
This is the observed behaviour on Windows.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2021-07-05 04:16:34 +00:00
Douglas Bagnall
9d3731cd16 dns_common_replace: do not leak
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2021-07-05 04:16:34 +00:00
Douglas Bagnall
e6e3dc8bd3 pydns: fix a comment in replace_by_dn()
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2021-07-05 04:16:34 +00:00
Douglas Bagnall
7a111c1f35 dns_server: free old zones when reloading
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2021-07-05 04:16:34 +00:00
Douglas Bagnall
54b9271eb5 s4/dns_common_replace: add comments about tombstones
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2021-07-05 04:16:34 +00:00
Douglas Bagnall
26bb958af8 dns_common_replace: comment in needs_add case
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2021-07-05 04:16:34 +00:00