The branch, master has been updated via f01c6cf s4 dns: unify error handling when bailing out via 7420698 s4 dns: Add TSIG and TKEY records to idl from e42e87d s3-docs: Fix several typos.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit f01c6cf707087141fe244a1d90c5cdcb69322820 Author: Kai Blin <k...@samba.org> Date: Wed Mar 28 12:19:51 2012 +0200 s4 dns: unify error handling when bailing out Autobuild-User: Kai Blin <k...@samba.org> Autobuild-Date: Tue May 8 15:48:25 CEST 2012 on sn-devel-104 commit 74206984daa9c707a38675df88d6bbe660d876bc Author: Kai Blin <k...@samba.org> Date: Tue Mar 13 08:04:14 2012 +0100 s4 dns: Add TSIG and TKEY records to idl ----------------------------------------------------------------------- Summary of changes: librpc/idl/dns.idl | 67 ++++++++++++++++++++++++++++++++------ source4/dns_server/dns_server.c | 23 ++++++------- 2 files changed, 67 insertions(+), 23 deletions(-) Changeset truncated at 500 lines:
diff --git a/librpc/idl/dns.idl b/librpc/idl/dns.idl
index e012162..a92c418 100644
--- a/librpc/idl/dns.idl
+++ b/librpc/idl/dns.idl
@@ -46,17 +46,23 @@ interface dns
 /* rcode values */
 typedef [public] enum {
- DNS_RCODE_OK = 0x0,
- DNS_RCODE_FORMERR = 0x1,
- DNS_RCODE_SERVFAIL = 0x2,
- DNS_RCODE_NXDOMAIN = 0x3,
- DNS_RCODE_NOTIMP = 0x4,
- DNS_RCODE_REFUSED = 0x5,
- DNS_RCODE_YXDOMAIN = 0x6,
- DNS_RCODE_YXRRSET = 0x7,
- DNS_RCODE_NXRRSET = 0x8,
- DNS_RCODE_NOTAUTH = 0x9,
- DNS_RCODE_NOTZONE = 0xA
+ DNS_RCODE_OK = 0x00,
+ DNS_RCODE_FORMERR = 0x01,
+ DNS_RCODE_SERVFAIL = 0x02,
+ DNS_RCODE_NXDOMAIN = 0x03,
+ DNS_RCODE_NOTIMP = 0x04,
+ DNS_RCODE_REFUSED = 0x05,
+ DNS_RCODE_YXDOMAIN = 0x06,
+ DNS_RCODE_YXRRSET = 0x07,
+ DNS_RCODE_NXRRSET = 0x08,
+ DNS_RCODE_NOTAUTH = 0x09,
+ DNS_RCODE_NOTZONE = 0x0A,
+ DNS_RCODE_BADSIG = 0x10,
+ DNS_RCODE_BADKEY = 0x11,
+ DNS_RCODE_BADTIME = 0x12,
+ DNS_RCODE_BADMODE = 0x13,
+ DNS_RCODE_BADNAME = 0x14,
+ DNS_RCODE_BADALG = 0x15
 } dns_rcode;
 typedef [public,enum16bit] enum {
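Review bot: The six values added at 0x10–0x15 need a comment, because they are the TSIG/TKEY extended error codes and do not fit the 4-bit RCODE field that the existing 0x00–0x0A values describe. Above `DNS_RCODE_BADSIG` I would add `/* 0x10 and up: TSIG/TKEY extended errors (RFC 2845, RFC 2930); only valid in the 16-bit error field of those records, not in the header flags */`. The new record structs later in this file declare that field as a plain `uint16 error`, so the link between the enum and its only legitimate use is otherwise invisible to a reader.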
@@ -105,12 +111,24 @@ interface dns DNS_QTYPE_NSEC = 0x002F, DNS_QTYPE_DNSKEY = 0x0030, DNS_QTYPE_DHCID = 0x0031, + DNS_QTYPE_TKEY = 0x00F9, + DNS_QTYPE_TSIG = 0x00FA, DNS_QTYPE_AXFR = 0x00FC, DNS_QTYPE_MAILB = 0x00FD, DNS_QTYPE_MAILA = 0x00FE, DNS_QTYPE_ALL = 0x00FF } dns_qtype; + typedef [public,enum16bit] enum { + DNS_TKEY_MODE_NULL = 0x0000, + DNS_TKEY_MODE_SERVER = 0x0001, + DNS_TKEY_MODE_DH = 0x0002, + DNS_TKEY_MODE_GSSAPI = 0x0003, + DNS_TKEY_MODE_CLIENT = 0x0004, + DNS_TKEY_MODE_DELETE = 0x0005, + DNS_TKEY_MODE_LAST = 0xFFFF + } dns_tkey_mode; + typedef [public] struct { dns_string name; dns_qtype question_type; @@ -149,6 +167,31 @@ interface dns dns_string target; } dns_srv_record; + typedef [public] struct { + dns_string algorithm; + uint32 inception; + uint32 expiration; + dns_tkey_mode mode; + uint16 error; + uint16 key_size; + uint8 key_data[key_size]; + uint16 other_size; + uint8 other_data[other_size]; + } dns_tkey_record; + + typedef [public] struct { + dns_string algorithm_name; + uint16 time_prefix; /* 0 until February 2106*/ + uint32 time; + uint16 fudge; + uint16 mac_size; + uint8 mac[mac_size]; + uint16 original_id; + uint16 error; + uint16 other_size; + uint8 other_data[other_size]; + } dns_tsig_record; + typedef [nodiscriminant,public,flag(NDR_NOALIGN)] union { [case(DNS_QTYPE_A)] ipv4address ipv4_record; [case(DNS_QTYPE_NS)] dns_string ns_record; @@ -159,6 +202,8 @@ interface dns [case(DNS_QTYPE_TXT)] dns_txt_record txt_record; [case(DNS_QTYPE_AAAA)] ipv6address ipv6_record; [case(DNS_QTYPE_SRV)] dns_srv_record srv_record; + [case(DNS_QTYPE_TSIG)] dns_tsig_record tsig_record; + [case(DNS_QTYPE_TKEY)] dns_tkey_record tkey_record; [default]; } dns_rdata; diff --git a/source4/dns_server/dns_server.c b/source4/dns_server/dns_server.c index eed20d5..f9db095 100644 --- a/source4/dns_server/dns_server.c +++ b/source4/dns_server/dns_server.c 
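Review bot: dns_tkey_record and dns_tsig_record carry four length-prefixed arrays (`key_data[key_size]`, `mac[mac_size]` and two `other_data[other_size]`) whose sizes come straight from the wire, and nothing in the IDL documents what a consumer must check. The generated NDR pull code presumably bounds each array by the remaining buffer (not visible here, worth confirming), but protocol limits are a separate matter: code that verifies a TSIG should compare `mac_size` with the digest length of the named algorithm before comparing MACs, and should treat a non-zero `time_prefix` as out of range instead of ignoring it. I would add a short comment on each struct saying so, and extend the existing remark to `/* upper 16 bits of the 48-bit signing time; 0 until February 2106, reject otherwise */`. `dns_tkey_mode` is also filled from the wire, so consumers need a default branch for values between 0x0006 and 0xFFFE.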
@@ -100,6 +100,7 @@ static NTSTATUS dns_process(struct dns_server *dns,
 {
 enum ndr_err_code ndr_err;
 WERROR ret;
+ uint16_t dns_err = DNS_RCODE_OK;
 struct dns_request_state *state;
 struct dns_name_packet *in_packet;
 struct dns_name_packet *out_packet;
@@ -126,12 +127,8 @@ static NTSTATUS dns_process(struct dns_server *dns,
 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
 TALLOC_FREE(in_packet);
 DEBUG(0, ("Failed to parse packet %d!\n", ndr_err));
- *out = *in;
-
- out->data[2] |= 0x80; /* Toggle DNS_FLAG_REPLY */
- out->data[3] |= DNS_RCODE_FORMERR;
-
- return NT_STATUS_OK;
+ dns_err = DNS_RCODE_FORMERR;
+ goto drop;
 }
 if (DEBUGLVL(8)) {
 NDR_PRINT_DEBUG(dns_name_packet, in_packet);
@@ -189,16 +186,18 @@ static NTSTATUS dns_process(struct dns_server *dns,
 TALLOC_FREE(in_packet);
 TALLOC_FREE(out_packet);
 DEBUG(0, ("Failed to push packet %d!\n", ndr_err));
- *out = *in;
-
- out->data[2] |= 0x80; /* Toggle DNS_FLAG_REPLY */
- out->data[3] |= DNS_RCODE_SERVFAIL;
-
- return NT_STATUS_OK;
+ dns_err = DNS_RCODE_SERVFAIL;
+ goto drop;
 }
 dump_data(8, out->data, out->length);
 return NT_STATUS_OK;
+
+drop:
+ *out = *in;
+ out->data[2] |= 0x80; /* Toggle DNS_FLAG_REPLY */
+ out->data[3] |= dns_err;
+ return NT_STATUS_OK;
 }
 struct dns_tcp_call {
-- Samba Shared Repository
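Review bot: The `goto drop` added for the parse-failure case ends in writes to `out->data[2]` and `out->data[3]` on a blob copied from `in`, and no length check is visible in this hunk or at the `drop:` label. A datagram that fails NDR parsing may well be shorter than four bytes, so unless dns_process rejects short input earlier (the lines between the declarations and this block are outside the diff), the error path should guard itself, e.g. `if (in->length < 12) return NT_STATUS_INVALID_PARAMETER;` before the pull or at the top of `drop:`. The same label is reached from the push-failure path in the last hunk, so one check there covers both.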
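Review bot: At the new `drop:` label, `out->data[3] |= dns_err;` ORs a `uint16_t` into a byte whose low four bits are the RCODE and whose upper bits are other header flags, so RCODE bits already set in the client's packet survive and any code above 0x0F would spill into the flag bits. Now that the code is a variable and not a constant, I would write `out->data[3] = (out->data[3] & 0xF0) | (dns_err & 0x0F);` and declare `dns_err` as `uint8_t`. The comment on the line above says "Toggle" while `|= 0x80` sets the bit; `/* Set DNS_FLAG_REPLY */` would be accurate. `*out = *in;` also makes the reply share the request's data pointer, which deserves a one-line comment on who owns that buffer; dns_process begins outside these hunks, so the caller's expectations are not visible here.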