IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
This avoids doing useless work in case the client connection
is already broken.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
We had customer problems where level 10 logs were not good enough in
order to find the reason for failing dns updates.
With the new debug message there's at least a chance to
find out what the problem could be.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
The WERROR codes are much more verbose and it's better to
keep them until we really need the mapping to DNS error codes.
This will allow us to create much better debug messages in
the next commit.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Signed-off-by: Thomas Debesse <dev@illwieckz.net>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Mar 25 20:25:28 UTC 2022 on sn-devel-184
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Nov 27 10:07:18 UTC 2020 on sn-devel-184
Add a post fork hook to the service API this will be called:
- standard process model
immediately after the task_init.
- single process model
immediately after the task_init
- prefork process model, inhibit_pre_fork = true
immediately after the task_init
- prefork process model, inhibit_pre_fork = false
after each service worker has forked. It is not run on the service
master process.
The post fork hook is not called in the standard model if a new process
is forked on a new connection. It is instead called immediately after
the task_init.
The task_init hook has been changed to return an error code. This ensures
the post_fork code is only run if the task_init code completed successfully.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
This would have to be retrieved from the interface type we have I guess.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jan 4 05:08:02 CET 2018 on sn-devel-144
Instead, except in RPC which is a special SNOWFLAKE, we rely on the struct
service_details in the init function.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Refactor the process model code to allow the addition of a prefork
process model.
- Add a process context to contain process model specific state
- Add a service details structure to allow service to indicate which
process model options they can support.
In the new code the services advertise the features they support to the
process model. The process model context is plumbed through to allow the
process model to keep track of the supported options, and any state
the process model may require.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
This allows lookups to be confined to one partition, which in turn avoids issues
when running this against MS Windows, which does not match Samba behaviour
for dns_common_zones()
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Use the passed in context from callers. Remove one
talloc_autofree_context().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Not currently used - no logic changes inside.
This will make it possible to pass down a long-lived talloc
context from the loading function for modules to use instead
of having them internally all use talloc_autofree_context()
which is a hidden global.
Updated all known module interface numbers, and added a
WHATSNEW.
Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Ralph Böhme <slow@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Apr 22 01:17:00 CEST 2017 on sn-devel-144
This can be used for logging and for Kerberos channel bindings
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-by: Gary Lockyer <gary@catalyst.net.nz>
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
This final patch enables sending TSIG error records by adding
DNS_RCODE_NOTAUTH to the set of error conditions that are allowed to
trigger sending a full generated response.
See RFC 2845 "4.5.1. KEY check and error handling" and "4.5.3. MAC check
and error handling".
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11520
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Call dns_verify_tsig() after updating state.flags and assign and use
out_packet for dns_verify_tsig().
We will need the updated flags when sending TSIG error responses when
TSIG request MAC verification fails and dns_verify_tsig() uses the
passed in packet as response, so we have to make sure we copy in_packet
to out_packet before calling out and pass out_packet.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11520
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
This allows a secondary DNS forwarder for a trivial failover. Requests
which fail/timeout at the primary DNS forwarder will be restarted
entirely with the next forwarder in the list.
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This will allow a python module to be written to modify DNS entries in sam.ldb directly
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Kai Blin <kai@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Kai Blin <kai@samba.org>
Autobuild-Date(master): Thu Aug 6 14:06:52 CEST 2015 on sn-devel-104
Setup a RPC management call on the internal DNS server triggered a new LDB
module which sniffs dnsZone object add, delete and modify operations. This
way the notification is triggered when zones are modified either from RPC or
replicated by inbound DRS.
Signed-off-by: Samuel Cabrero <samuelcabrero@kernevil.me>
(shadowed variable error corrected by abartlet)
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Allow us to start if we bind to *either* :: or 0.0.0.0.
Allows us to cope with systems configured as only IPv4
or only IPv6.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-By: Amitay Isaacs <amitay@gmail.com>
Reviewed-By: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Jun 7 01:01:44 CEST 2014 on sn-devel-104
Due to insufficient input checking, the DNS server will reply to a packet that
has the "reply" bit set. Over UDP, this allows to send a packet with a spoofed
sender address and have two servers DOS each other with circular replies.
This patch fixes bug #10609 and adds a test to make sure we don't regress.
CVE-2014-2039 has been assigned to this issue.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10609
Signed-off-by: Kai Blin <kai@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Kai Blin <kai@samba.org>
Autobuild-Date(master): Tue May 20 04:15:44 CEST 2014 on sn-devel-104
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10464
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Change-Id: Ib317d71dea01fc8ef6b6a26455f15a8a175d59f6
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Mar 7 02:18:17 CET 2014 on sn-devel-104
Signed-off-by: Kai Blin <kai@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Kai Blin <kai@samba.org>
Autobuild-Date(master): Sat May 18 12:48:15 CEST 2013 on sn-devel-104
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Oct 24 10:12:51 CEST 2012 on sn-devel-104
Acked-By: Kai Blin <kai@samba.org>
Autobuild-User(master): Kai Blin <kai@samba.org>
Autobuild-Date(master): Sat Oct 13 12:37:53 CEST 2012 on sn-devel-104
RootDNSServers should never be returned (Windows DNS server don't)
..TrustAnchors should never be returned as is, (Windows returns
TrustAnchors) and for the moment we don't support DNSSEC so we'd better
not return this zone.
Signed-off-by: Kai Blin <kai@samba.org>
Autobuild-User(master): Kai Blin <kai@samba.org>
Autobuild-Date(master): Tue Oct 2 09:43:52 CEST 2012 on sn-devel-104
We need the wildcard binding feature otherwise we might get bound to a
private interface in case of multiple interfaces and no "interfaces"
parameter in smb.conf.
Code taken from source4/ldap_server/ldap_server.c
Signed-off-by: Kai Blin <kai@samba.org>
Autobuild-User(master): Kai Blin <kai@samba.org>
Autobuild-Date(master): Sun Sep 23 23:44:03 CEST 2012 on sn-devel-104
I've pushed the wrong branch for this, sorry about that.
Autobuild-User(master): Kai Blin <kai@samba.org>
Autobuild-Date(master): Wed Sep 5 14:10:54 CEST 2012 on sn-devel-104