Changeset 862 for trunk/server/source3/utils/net_dns.c

Timestamp:

May 13, 2014, 11:39:04 AM (11 years ago)

Author:

Silvan Scherrer

Message:

Samba Server: update trunk to 3.6.23

Location:

trunk/server

Files:

• . (modified) (1 prop)
• source3/utils/net_dns.c (modified) (6 diffs)

trunk/server/source3/utils/net_dns.c

@@ -23 +23 @@
 #include "utils/net.h"
 #include "../lib/addns/dns.h"
+#include "utils/net_dns.h"
 
 #if defined(WITH_DNS_UPDATES)
-/*
- * Silly prototype to get rid of a warning
- */
+
+/*********************************************************************
+*********************************************************************/
 
 DNS_ERROR DoDNSUpdate(char *pszServerName,
                       const char *pszDomainName, const char *pszHostName,
-                      const struct sockaddr_storage *sslist,
-                      size_t num_addrs );
-
-/*********************************************************************
-*********************************************************************/
-
-DNS_ERROR DoDNSUpdate(char *pszServerName,
-                      const char *pszDomainName, const char *pszHostName,
-                      const struct sockaddr_storage *sslist, size_t num_addrs )
+                      const struct sockaddr_storage *sslist, size_t num_addrs,
+                      uint32_t flags)
 {
         DNS_ERROR err;
@@ -47 +41 @@
         struct dns_update_request *req, *resp;
 
+        DEBUG(10,("DoDNSUpdate called with flags: 0x%08x\n", flags));
+
+        if (!(flags & DNS_UPDATE_SIGNED) &&
+            !(flags & DNS_UPDATE_UNSIGNED) &&
+            !(flags & DNS_UPDATE_PROBE)) {
+                return ERROR_DNS_INVALID_PARAMETER;
+        }
+
         if ( (num_addrs <= 0) || !sslist ) {
                 return ERROR_DNS_INVALID_PARAMETER;
@@ -60 +62 @@
         }
 
-        /*
-         * Probe if everything's fine
-         */
-
-        err = dns_create_probe(mem_ctx, pszDomainName, pszHostName,
-                               num_addrs, sslist, &req);
-        if (!ERR_DNS_IS_OK(err)) goto error;
-
-        err = dns_update_transaction(mem_ctx, conn, req, &resp);
-        if (!ERR_DNS_IS_OK(err)) goto error;
-
-        if (dns_response_code(resp->flags) == DNS_NO_ERROR) {
-                TALLOC_FREE(mem_ctx);
-                return ERROR_DNS_SUCCESS;
-        }
-
-        /*
-         * First try without signing
-         */
-
-        err = dns_create_update_request(mem_ctx, pszDomainName, pszHostName,
-                                        sslist, num_addrs, &req);
-        if (!ERR_DNS_IS_OK(err)) goto error;
-
-        err = dns_update_transaction(mem_ctx, conn, req, &resp);
-        if (!ERR_DNS_IS_OK(err)) goto error;
-
-        if (dns_response_code(resp->flags) == DNS_NO_ERROR) {
-                TALLOC_FREE(mem_ctx);
-                return ERROR_DNS_SUCCESS;
+        if (flags & DNS_UPDATE_PROBE) {
+
+                /*
+                 * Probe if everything's fine
+                 */
+
+                err = dns_create_probe(mem_ctx, pszDomainName, pszHostName,
+                                       num_addrs, sslist, &req);
+                if (!ERR_DNS_IS_OK(err)) goto error;
+
+                err = dns_update_transaction(mem_ctx, conn, req, &resp);
+                if (!ERR_DNS_IS_OK(err)) goto error;
+
+                if (!ERR_DNS_IS_OK(err)) {
+                        DEBUG(3,("DoDNSUpdate: failed to probe DNS\n"));
+                }
+
+                if ((dns_response_code(resp->flags) == DNS_NO_ERROR) &&
+                    (flags & DNS_UPDATE_PROBE_SUFFICIENT)) {
+                        TALLOC_FREE(mem_ctx);
+                        return ERROR_DNS_SUCCESS;
+                }
+        }
+
+        if (flags & DNS_UPDATE_UNSIGNED) {
+
+                /*
+                 * First try without signing
+                 */
+
+                err = dns_create_update_request(mem_ctx, pszDomainName, pszHostName,
+                                                sslist, num_addrs, &req);
+                if (!ERR_DNS_IS_OK(err)) goto error;
+
+                err = dns_update_transaction(mem_ctx, conn, req, &resp);
+                if (!ERR_DNS_IS_OK(err)) goto error;
+
+                if (!ERR_DNS_IS_OK(err)) {
+                        DEBUG(3,("DoDNSUpdate: unsigned update failed\n"));
+                }
+
+                if ((dns_response_code(resp->flags) == DNS_NO_ERROR) &&
+                    (flags & DNS_UPDATE_UNSIGNED_SUFFICIENT)) {
+                        TALLOC_FREE(mem_ctx);
+                        return ERROR_DNS_SUCCESS;
+                }
         }
 
@@ -95 +113 @@
          * Okay, we have to try with signing
          */
-        {
+        if (flags & DNS_UPDATE_SIGNED) {
                 gss_ctx_id_t gss_context;
                 char *keyname;
+
+                err = dns_create_update_request(mem_ctx, pszDomainName, pszHostName,
+                                                sslist, num_addrs, &req);
+                if (!ERR_DNS_IS_OK(err)) goto error;
 
                 if (!(keyname = dns_generate_keyname( mem_ctx ))) {
@@ -129 +151 @@
                 err = (dns_response_code(resp->flags) == DNS_NO_ERROR) ?
                         ERROR_DNS_SUCCESS : ERROR_DNS_UPDATE_FAILED;
+
+                if (!ERR_DNS_IS_OK(err)) {
+                        DEBUG(3,("DoDNSUpdate: signed update failed\n"));
+                }
         }
 
@@ -177 +203 @@
         return count;
 }
-
-/*
- * Silly prototype to get rid of a warning
- */
-
-DNS_ERROR do_gethostbyname(const char *server, const char *host);
 
 DNS_ERROR do_gethostbyname(const char *server, const char *host)