summaryrefslogtreecommitdiff
path: root/source4/dns_server
AgeCommit message (Collapse)AuthorFilesLines
2014-11-24s4-dns: dlz-bind: Add trailing '.' to all fqdn stringsAmitay Isaacs1-10/+45
BIND 9.10.x is strict when sending records via putrr and putnamedrr. Bug: https://bugzilla.samba.org/show_bug.cgi?id=10620 Thanks to Guenter Kukkukk for identifying the problem and resolution. Signed-off-by: Amitay Isaacs <amitay@gmail.com> Reviewed-by: Guenter Kukkukk <kukks@samba.org> Autobuild-User(master): Amitay Isaacs <amitay@samba.org> Autobuild-Date(master): Fri Nov 21 06:14:55 CET 2014 on sn-devel-104 (cherry picked from commit b7f6b09a13daaa702aef5a0ab9f458521e4902b1) Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org> Autobuild-Date(v4-1-test): Mon Nov 24 23:27:37 CET 2014 on sn-devel-104
2014-11-24s4-dns: Add support for BIND 9.10Amitay Isaacs2-1/+29
Signed-off-by: Amitay Isaacs <amitay@gmail.com> Reviewed-by: Matthieu Patou <mat@matws.net> Autobuild-User(master): Amitay Isaacs <amitay@samba.org> Autobuild-Date(master): Sat Oct 25 05:42:19 CEST 2014 on sn-devel-104 (cherry picked from commit faa3423d1a26eb6103389b234add0f1e8d0dfc08) Conflicts: python/samba/provision/sambadns.py source4/dns_server/dlz_bind9.c source4/setup/named.conf.dlz
2014-11-24s4-dns: Update dlz_minimal.h based on BIND release 9.10Amitay Isaacs1-54/+153
Signed-off-by: Amitay Isaacs <amitay@gmail.com> Reviewed-by: Matthieu Patou <mat@matws.net> (cherry picked from commit aeb6ad8a9c2713c6c71a2ac4cd355dd1bda6cc51)
2014-11-24s4-dns: Check DLZ_DLOPEN_VERSION for different BIND versionsAmitay Isaacs2-14/+10
Signed-off-by: Amitay Isaacs <amitay@gmail.com> Reviewed-by: Matthieu Patou <mat@matws.net> (cherry picked from commit 1e5c14548c8d03f66aaa908654c94f36a94455f2)
2014-09-08s4:dlz_bind9: let dlz_bind9 use dns_common_lookup() before add/modifyStefan Metzmacher1-56/+21
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Wed Aug 27 15:21:19 CEST 2014 on sn-devel-104 (cherry picked from commit d68a2ebecd244181b1238635ee54dadd05835525)
2014-09-08s4:dlz_bind9: let dlz_bind9 use dns_common_lookup() before removing recordsStefan Metzmacher1-46/+7
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit 11bbfd932c113b3222bc93d59702271a3777b6f3)
2014-09-08s4:dlz_bind9: let dlz_bind9 use dns_common_replace()Stefan Metzmacher1-77/+50
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749 Change-Id: I2fd2503230cbf89445594e49f39ac321769ff06e Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit fd952bf814835c4860ab10794225fbd583ee3ad5)
2014-09-08s4:dlz_bind9: let dlz_bind9 use dns_common_extract()Stefan Metzmacher1-57/+61
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749 Change-Id: I7c661964a3da1a1981f022a06b9bef25bbd33479 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit dedcf30fd12821c272002e3b4cbfda4ca38650fd)
2014-09-08s4:dlz_bind9: let dlz_bind9 use dns_common_lookup() for name lookupStefan Metzmacher2-53/+21
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749 Change-Id: I2632fa0ce120a978f6f400fa5cbf18a7fbbd64a3 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit 96dcebe8c20b9aa954a96a4deabe16957576be2c)
2014-09-08s4:dlz_bind9: do an early talloc_free(el_ctx) in dlz_allnodes()Stefan Metzmacher1-0/+2
We don't have to keep everything arround while walking the whole zone. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit 5d397c8198bcd2cdccc3deda57377d4696e6abd1)
2014-09-08s4:dlz_bind9: avoid some compiler warningsStefan Metzmacher2-4/+4
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit fbebe7e756e4ccd0684e94e9b1e787f98f399ccc)
2014-09-08s4:dns_server: handle tombstones in handle_one_update()Stefan Metzmacher1-16/+25
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit 491715399ff7e1ab788fec5e254581dc312e2cef)
2014-09-08s4:dns_server: add DNS_TYPE_TOMBSTONE support to dns_common_replace()Stefan Metzmacher1-4/+77
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749 Pair-Programmed-With: Michael Adam <obnox@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit bb3ca930cc57964487bd23a74f4caabd1616a8bf)
2014-09-08s4:dns_server: make sure dns_common_lookup() doesn't return tombstonesStefan Metzmacher3-6/+53
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit a0a81ab01cb1d509b04f9af25177c8e0941b43aa)
2014-09-08s4:dns_server: use .wType = DNS_TYPE_TOMBSTONE instead of ZERO_STRUCT()Stefan Metzmacher1-5/+15
The result is the same, but it is clearer. Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit 3ff025a02cca3ff209668edd419d0e440e9865c6)
2014-09-08s4:dns_server: split out dns_common_replace()Stefan Metzmacher4-68/+90
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit 0689e795e073008d2ad539c0ef5ddbdc6d9efdac)
2014-09-08s4:dns_server: remove const from dns_replace_records()Stefan Metzmacher2-2/+2
All callers are find we the record array gets modified. Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit 7e7df78bd7ae5575da7443b45c0e2e4167eebde2)
2014-09-08s4:dns_server: split out dns_common_extract() and dns_common_lookup()Stefan Metzmacher3-44/+92
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit 342a087349f8a10833338a3fa49fbd4d4d29f3e5)
2014-09-08s4:dns_server: split out a private 'dnsserver_common' libraryStefan Metzmacher5-36/+105
This will contain common code for the internal dns server, the dlz_bind9 module and the rpc dns management server. Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit 99d5a5ead4f33723c25e8716a79d34b53822521e)
2014-09-08s4:dns_server: map LDB_ERR_NO_SUCH_OBJECT to WERR_DNS_ERROR_NAME_DOES_NOT_EXISTStefan Metzmacher2-14/+24
This is the correct fix for commit 8b24c43b382740106474e26dec59e1419ba77306 and Bug: https://bugzilla.samba.org/show_bug.cgi?id=9559 With this change we have a consistent behavior between internal server and the bind dlz module. We keep a dangling LDAP object without dnsRecord attribute arround forever. This will be fixed in the following commits. Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit d0f424a23dc915d9fce625438d2bd63519757cba)
2014-09-08s4:dns_server: handle WERR_DNS_ERROR_NAME_DOES_NOT_EXIST in werr_to_dns_err()Stefan Metzmacher1-0/+2
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit deb21a9afe77591743fda522355a5a9eb08fb27b)
2014-07-15kerberos: Remove un-used event context argument from smb_krb5_init_context()Andrew Bartlett1-1/+1
The event context here was only specified in the server or admin-tool context, which does not do network communication, so this only caused a talloc_reference() and never any useful result. The actual network communication code sets an event context directly before making the network call. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Mon Apr 28 02:24:57 CEST 2014 on sn-devel-104 (cherry picked from commit 086c06e361962e1c118d8eed2316e9df7834ae8b)
2014-07-15s3/s4: smbd, rpc, ldap, cldap, kdc services.Jeremy Allison1-1/+8
Allow us to start if we bind to *either* :: or 0.0.0.0. Allows us to cope with systems configured as only IPv4 or only IPv6. Bug #10653 - Samba won't start on a machine configured with only IPv4. https://bugzilla.samba.org/show_bug.cgi?id=10653 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-By: Amitay Isaacs <amitay@gmail.com> Reviewed-By: Alexander Bokovoy <ab@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sat Jun 7 01:01:44 CEST 2014 on sn-devel-104 (cherry picked from commit 463311422ca1caad2e228deb630e9d12e212fae1)
2014-05-20bug #10609: CVE-2014-0239 Don't reply to repliesKai Blin1-0/+6
Due to insufficient input checking, the DNS server will reply to a packet that has the "reply" bit set. Over UDP, this allows to send a packet with a spoofed sender address and have two servers DOS each other with circular replies. This patch fixes bug #10609 and adds a test to make sure we don't regress. CVE-2014-2039 has been assigned to this issue. Bug: https://bugzilla.samba.org/show_bug.cgi?id=10609 Signed-off-by: Kai Blin <kai@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Tue May 20 04:15:44 CEST 2014 on sn-devel-104 (cherry picked from commit 392ec4d241eb19c812cd49ff73bd32b2b09d8533) Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org> Autobuild-Date(v4-1-test): Tue May 20 13:54:40 CEST 2014 on sn-devel-104
2014-04-01bug #10471: Don't respond with NXDOMAIN to records that exist with another typeKai Blin1-6/+8
DNS queries for records with the wrong type need to trigger an empty response with RCODE_OK instead of returning NXDOMAIN. This adds a test and fixes bug #10471 Signed-off-by: Kai Blin <kai@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit d9829df13317b38677d92a499134727ab31fbb0e)
2014-04-01s4:lib/socket: simplify iface_list_wildcard() and its callersStefan Metzmacher1-4/+4
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10464 Signed-off-by: Stefan Metzmacher <metze@samba.org> Change-Id: Ib317d71dea01fc8ef6b6a26455f15a8a175d59f6 Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Fri Mar 7 02:18:17 CET 2014 on sn-devel-104 (cherry picked from commit f7883ae02a4e8935a44396f776712cebfd411e52)
2013-06-01dns: Delete dnsNode objects when they are emptyKai Blin1-1/+7
If an update leaves the dnsNode without any entries, the dnsNode object should be deleted. Thanks to Günter Kukkukk for his excellent debugging work on this one. This should fix bug #9559 Signed-off-by: Kai Blin <kai@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-05-26dns: Support larger queries when asking forwarderKai Blin4-0/+40
This should fix bug #9632 Signed-off-by: Kai Blin <kai@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2013-05-18dns: Also print packet information for DBGC_DNSKai Blin1-5/+5
Signed-off-by: Kai Blin <kai@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Sat May 18 12:48:15 CEST 2013 on sn-devel-104
2013-05-16dns: Add support for MX queriesKai Blin1-0/+8
Due to an oversight, the internal DNS server supports MX record updates, but not MX record queries. Add support for MX queries and tests. This should fix bug #9485 Signed-off-by: Kai Blin <kai@samba.org> Reviewed-By: Amitay Isaacs <amitay@gmail.com>
2013-05-16dns: Also add a print-out for the out_packetKai Blin1-0/+4
Signed-off-by: Kai Blin <kai@samba.org> Reviewed-By: Amitay Isaacs <amitay@gmail.com>
2013-05-16dns: Use new DNS debugclass in DNS serverKai Blin5-0/+15
Signed-off-by: Kai Blin <kai@samba.org> Reviewed-By: Amitay Isaacs <amitay@gmail.com>
2013-03-09s4-dns: dlz_bind9: Check result to avoid segfaultStefan Gohmann1-1/+1
We saw this issue in a customer environment with many CNF objects. I wasn't able to reproduce it, but I got the following core dump: (gdb) directory samba4-4.0.0~rc6/source4/dns_server/ Source directories searched: /root/samba4-4.0.0~rc6/source4/dns_server:$cdir:$cwd (gdb) bt #0 0xb4b0bc13 in dlz_lookup_types (state=0x9648e48, zone=0xb659b9a8 "xxxxxx.xxxxx.de", name=0xb659bda8 "client9173", lookup=0xb6db7588, types=0x0) at ../source4/dns_server/dlz_bind9.c:830 #1 0xb4b0bdb8 in dlz_lookup (zone=0xb659b9a8 "xxxxxx.xxxxx.de", name=0xb659bda8 "client9173", dbdata=0x9648e48, lookup=0xb6db7588) at ../source4/dns_server/dlz_bind9.c:875 #2 0x080b43d8 in dlopen_dlz_lookup () #3 0xb7701755 in findnode () from /usr/lib/libdns.so.81 #4 0xb7701d22 in find () from /usr/lib/libdns.so.81 #5 0xb7639e5f in dns_db_find () from /usr/lib/libdns.so.81 #6 0x08075476 in query_find () #7 0x0807acb9 in ns_query_start () #8 0x08060712 in client_request () #9 0xb743022b in run () from /usr/lib/libisc.so.81 #10 0xb7216955 in start_thread () from /lib/i686/cmov/libpthread.so.0 #11 0xb706c1de in clone () from /lib/i686/cmov/libc.so.6 (gdb) f 0 #0 0xb4b0bc13 in dlz_lookup_types (state=0x9648e48, zone=0xb659b9a8 "xxxxxx.xxxxx.de", name=0xb659bda8 "client9173", lookup=0xb6db7588, types=0x0) at ../source4/dns_server/dlz_bind9.c:830 830 el = ldb_msg_find_element(res->msgs[0], "dnsRecord"); (gdb) p res->msgs $1 = (struct ldb_message **) 0x0 (gdb) p res->count $2 = 0 (gdb) Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2012-11-04s4-dns: Fix format string vulnerability in an error message (bug #9354)Amitay Isaacs1-4/+5
Also, fixes few comments. Thanks to Bruno Rohée <bruno@rohee.org> for reporting and patch fix. Signed-off-by: Amitay Isaacs <amitay@gmail.com> Reviewed-By: Kai Blin <kai@samba.org> Autobuild-User(master): Amitay Isaacs <amitay@samba.org> Autobuild-Date(master): Sun Nov 4 16:58:13 CET 2012 on sn-devel-104
2012-10-24s4:dns_server: fix formatting difference compared to v4-0-testStefan Metzmacher1-1/+2
Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Wed Oct 24 10:12:51 CEST 2012 on sn-devel-104
2012-10-17dns_server: Try and use the dns-SERVER account if we were configured with itAndrew Bartlett1-14/+47
2012-10-13s4-dns: Fix the comments about ignoring zones in internal serverMatthieu Patou1-1/+7
Acked-By: Kai Blin <kai@samba.org> Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Sat Oct 13 12:37:53 CEST 2012 on sn-devel-104
2012-10-09s4-dns: dlz_bind9: Ignore zones that are not used by BIND9 DLZ pluginAmitay Isaacs1-0/+5
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
2012-10-08s4-dns: fix a warningMatthieu Patou1-2/+1
Autobuild-User(master): Matthieu Patou <mat@samba.org> Autobuild-Date(master): Mon Oct 8 10:45:41 CEST 2012 on sn-devel-104
2012-10-07s4-dns: Ignore zones that shouldn't be returned currentlyMatthieu Patou1-1/+7
RootDNSServers should never be returned (Windows DNS server don't) ..TrustAnchors should never be returned as is, (Windows returns TrustAnchors) and for the moment we don't support DNSSEC so we'd better not return this zone.
2012-10-02s4-dns: fix a non handled memory out of memoryMatthieu Patou1-0/+1
Signed-off-by: Kai Blin <kai@samba.org> Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Tue Oct 2 09:43:52 CEST 2012 on sn-devel-104
2012-09-30s4 dns: Fix return code for deleted recordsKai Blin1-1/+1
This fixes bug #9225. We already had a test for this scenario, but the test wasn't correct. This patch fixes the test, and also fixes the bug. Signed-off-by: Kai Blin <kai@samba.org> Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Sun Sep 30 13:09:14 CEST 2012 on sn-devel-104
2012-09-30s4 dns: Get rid of deprecated allocation result checkKai Blin1-1/+3
2012-09-23s4:dns_server - introduce the wildcard binding featureMatthias Dieter Wallnöfer1-10/+28
We need the wildcard binding feature otherwise we might get bound to a private interface in case of multiple interfaces and no "interfaces" parameter in smb.conf. Code taken from source4/ldap_server/ldap_server.c Signed-off-by: Kai Blin <kai@samba.org> Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Sun Sep 23 23:44:03 CEST 2012 on sn-devel-104
2012-09-12dns_server: Remove parameter 'dns recursive queries' and base this on 'dns ↵Andrew Bartlett1-2/+3
forwarder' This simplifies a very common configuration. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-09-12s4:dns_server: remove wrong and unused dsdb_check_access_on_dn() checkStefan Metzmacher1-16/+0
metze
2012-09-12dns_server: Attempt to SET and UNSET the sessionInfo to match the incoming userAndrew Bartlett1-2/+24
This avoids re-opening the DB as the correct user, but applies all the right ACLs and resulting owner. This needs a bit more testing... Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Kai Blin <kai@samba.org>
2012-09-12s4 dns: Improve logging of delegated dns updatesKai Blin1-1/+1
2012-09-07s4 dns: Make debug output less noisyKai Blin4-16/+16
Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Fri Sep 7 00:31:56 CEST 2012 on sn-devel-104
2012-09-06s4 dns: Check if signing user is allowed to update recordsKai Blin1-16/+56
This should fix bug #9142
generated by cgit v1.2.3 (git 2.39.1) at 2025-04-08 21:57:56 +0000