summaryrefslogtreecommitdiff
path: root/source3/utils/net_ads.c
diff options
context:
space:
mode:
Diffstat (limited to 'source3/utils/net_ads.c')
-rw-r--r--source3/utils/net_ads.c44
1 files changed, 26 insertions, 18 deletions
diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c
index f751d688aa..8f8b7b4cae 100644
--- a/source3/utils/net_ads.c
+++ b/source3/utils/net_ads.c
@@ -37,6 +37,7 @@
#include "krb5_env.h"
#include "../libcli/security/security.h"
#include "libsmb/libsmb.h"
+#include "utils/net_dns.h"
#ifdef HAVE_ADS
@@ -1123,12 +1124,9 @@ static WERROR check_ads_config( void )
#if defined(WITH_DNS_UPDATES)
#include "../lib/addns/dns.h"
-DNS_ERROR DoDNSUpdate(char *pszServerName,
- const char *pszDomainName, const char *pszHostName,
- const struct sockaddr_storage *sslist,
- size_t num_addrs );
-static NTSTATUS net_update_dns_internal(TALLOC_CTX *ctx, ADS_STRUCT *ads,
+static NTSTATUS net_update_dns_internal(struct net_context *c,
+ TALLOC_CTX *ctx, ADS_STRUCT *ads,
const char *machine_name,
const struct sockaddr_storage *addrs,
int num_addrs)
@@ -1190,7 +1188,7 @@ static NTSTATUS net_update_dns_internal(TALLOC_CTX *ctx, ADS_STRUCT *ads,
status = ads_dns_lookup_ns( ctx, root_domain, &nameservers, &ns_count );
if ( !NT_STATUS_IS_OK(status) || (ns_count == 0)) {
- DEBUG(3,("net_ads_join: Failed to find name server for the %s "
+ DEBUG(3,("net_update_dns_internal: Failed to find name server for the %s "
"realm\n", ads->config.realm));
goto done;
}
@@ -1201,12 +1199,25 @@ static NTSTATUS net_update_dns_internal(TALLOC_CTX *ctx, ADS_STRUCT *ads,
for (i=0; i < ns_count; i++) {
+ uint32_t flags = DNS_UPDATE_SIGNED |
+ DNS_UPDATE_UNSIGNED |
+ DNS_UPDATE_UNSIGNED_SUFFICIENT |
+ DNS_UPDATE_PROBE |
+ DNS_UPDATE_PROBE_SUFFICIENT;
+
+ if (c->opt_force) {
+ flags &= ~DNS_UPDATE_PROBE_SUFFICIENT;
+ flags &= ~DNS_UPDATE_UNSIGNED_SUFFICIENT;
+ }
+
+ status = NT_STATUS_UNSUCCESSFUL;
+
/* Now perform the dns update - we'll try non-secure and if we fail,
we'll follow it up with a secure update */
fstrcpy( dns_server, nameservers[i].hostname );
- dns_err = DoDNSUpdate(dns_server, dnsdomain, machine_name, addrs, num_addrs);
+ dns_err = DoDNSUpdate(dns_server, dnsdomain, machine_name, addrs, num_addrs, flags);
if (ERR_DNS_IS_OK(dns_err)) {
status = NT_STATUS_OK;
goto done;
@@ -1233,7 +1244,8 @@ done:
return status;
}
-static NTSTATUS net_update_dns_ext(TALLOC_CTX *mem_ctx, ADS_STRUCT *ads,
+static NTSTATUS net_update_dns_ext(struct net_context *c,
+ TALLOC_CTX *mem_ctx, ADS_STRUCT *ads,
const char *hostname,
struct sockaddr_storage *iplist,
int num_addrs)
@@ -1263,18 +1275,18 @@ static NTSTATUS net_update_dns_ext(TALLOC_CTX *mem_ctx, ADS_STRUCT *ads,
iplist = iplist_alloc;
}
- status = net_update_dns_internal(mem_ctx, ads, machine_name,
+ status = net_update_dns_internal(c, mem_ctx, ads, machine_name,
iplist, num_addrs);
SAFE_FREE(iplist_alloc);
return status;
}
-static NTSTATUS net_update_dns(TALLOC_CTX *mem_ctx, ADS_STRUCT *ads, const char *hostname)
+static NTSTATUS net_update_dns(struct net_context *c, TALLOC_CTX *mem_ctx, ADS_STRUCT *ads, const char *hostname)
{
NTSTATUS status;
- status = net_update_dns_ext(mem_ctx, ads, hostname, NULL, 0);
+ status = net_update_dns_ext(c, mem_ctx, ads, hostname, NULL, 0);
return status;
}
#endif
@@ -1436,7 +1448,7 @@ int net_ads_join(struct net_context *c, int argc, const char **argv)
d_printf(_("Using short domain name -- %s\n"), r->out.netbios_domain_name);
if (r->out.dns_domain_name) {
- d_printf(_("Joined '%s' to realm '%s'\n"), r->in.machine_name,
+ d_printf(_("Joined '%s' to dns domain '%s'\n"), r->in.machine_name,
r->out.dns_domain_name);
} else {
d_printf(_("Joined '%s' to domain '%s'\n"), r->in.machine_name,
@@ -1479,7 +1491,7 @@ int net_ads_join(struct net_context *c, int argc, const char **argv)
ads_kinit_password( ads_dns );
}
- if ( !ads_dns || !NT_STATUS_IS_OK(net_update_dns( ctx, ads_dns, NULL)) ) {
+ if ( !ads_dns || !NT_STATUS_IS_OK(net_update_dns(c, ctx, ads_dns, NULL)) ) {
d_fprintf( stderr, _("DNS update failed!\n") );
}
@@ -1584,7 +1596,7 @@ static int net_ads_dns_register(struct net_context *c, int argc, const char **ar
return -1;
}
- ntstatus = net_update_dns_ext(ctx, ads, hostname, addrs, num_addrs);
+ ntstatus = net_update_dns_ext(c, ctx, ads, hostname, addrs, num_addrs);
if (!NT_STATUS_IS_OK(ntstatus)) {
d_fprintf( stderr, _("DNS update failed!\n") );
ads_destroy( &ads );
@@ -1605,10 +1617,6 @@ static int net_ads_dns_register(struct net_context *c, int argc, const char **ar
#endif
}
-#if defined(WITH_DNS_UPDATES)
-DNS_ERROR do_gethostbyname(const char *server, const char *host);
-#endif
-
static int net_ads_dns_gethostbyname(struct net_context *c, int argc, const char **argv)
{
#if defined(WITH_DNS_UPDATES)
generated by cgit v1.2.3 (git 2.39.1) at 2025-04-29 16:32:46 +0000