The branch, master has been updated via 206909d52b7 s4: dns: Add customizable dns port option from f74472675c3 smbd: expand DEBUG statement in smbd_dirptr_get_entry() to include the dir and direntry name
https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 206909d52b77f901186f4ceb9e2437c75abbe4fb Author: Thomas Debesse <d...@illwieckz.net> Date: Wed Sep 22 19:09:02 2021 +0200 s4: dns: Add customizable dns port option Signed-off-by: Thomas Debesse <d...@illwieckz.net> Reviewed-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Fri Mar 25 20:25:28 UTC 2022 on sn-devel-184 ----------------------------------------------------------------------- Summary of changes: WHATSNEW.txt | 15 +++++++++++++++ docs-xml/smbdotconf/protocol/dnsport.xml | 21 +++++++++++++++++++++ lib/param/loadparm.c | 2 ++ source3/param/loadparm.c | 2 ++ source4/dns_server/dns_server.c | 4 ++-- 5 files changed, 42 insertions(+), 2 deletions(-) create mode 100644 docs-xml/smbdotconf/protocol/dnsport.xml Changeset truncated at 500 lines: diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 1ce1d27567f..d23bede2da2 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -48,6 +48,20 @@ available for Samba AD compiled with MIT Kerberos 1.20. [1] https://docs.microsoft.com/en-us/windows-server/security/kerberos/kerberos-constrained-delegation-overview +Customizable DNS listening port +------------------------------- + +It is now possible to set a custom listening port for the builtin DNS service, +making easy to host another DNS on the same system that would bind to the +default port and forward the domain-specific queries to Samba using the custom +port. This is the opposite configuration of setting a forwarder in Samba. + +It makes possible to use another DNS server as a front and forward to Samba. + +Dynamic DNS updates may not be proxied by the front DNS server when forwarding +to Samba. Dynamic DNS update proxying depends on the features of the other DNS +server used as a front. + REMOVED FEATURES ================ @@ -58,6 +72,7 @@ smb.conf changes Parameter Name Description Default -------------- ----------- ------- + dns port New default 53 KNOWN ISSUES diff --git a/docs-xml/smbdotconf/protocol/dnsport.xml b/docs-xml/smbdotconf/protocol/dnsport.xml new file mode 100644 index 00000000000..20d39b2029b --- /dev/null +++ b/docs-xml/smbdotconf/protocol/dnsport.xml @@ -0,0 +1,21 @@ +<samba:parameter name="dns port" + context="G" + type="integer" + xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> +<description> + <para>Specifies which ports the server should listen on for + DNS traffic.</para> + + <para>It makes possible to use another DNS server as a front + and forward to Samba.</para> + + <warning> + <para>Dynamic DNS updates may not be proxied by the front + DNS server when forwarding to Samba. Dynamic DNS update + proxying depends on the features of the other DNS server + used as a front.</para> + </warning> +</description> + +<value type="default">53</value> +</samba:parameter> diff --git a/lib/param/loadparm.c b/lib/param/loadparm.c index d6d845391e6..ab73fbdda3d 100644 --- a/lib/param/loadparm.c +++ b/lib/param/loadparm.c @@ -69,6 +69,7 @@ #include "libcli/smb/smb_constants.h" #include "tdb.h" #include "librpc/gen_ndr/nbt.h" +#include "librpc/gen_ndr/dns.h" #include "libds/common/roles.h" #include "lib/util/samba_util.h" #include "libcli/auth/ntlm_check.h" @@ -2694,6 +2695,7 @@ struct loadparm_context *loadparm_init(TALLOC_CTX *mem_ctx) lpcfg_do_global_parameter(lp_ctx, "cldap port", "389"); lpcfg_do_global_parameter(lp_ctx, "krb5 port", "88"); lpcfg_do_global_parameter(lp_ctx, "kpasswd port", "464"); + lpcfg_do_global_parameter_var(lp_ctx, "dns port", "%d", DNS_SERVICE_PORT); lpcfg_do_global_parameter(lp_ctx, "kdc enable fast", "True"); diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index 630937e521d..1b7b0b06484 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -71,6 +71,7 @@ #include "dbwrap/dbwrap_rbt.h" #include "../lib/util/bitmap.h" #include "librpc/gen_ndr/nbt.h" +#include "librpc/gen_ndr/dns.h" #include "source4/lib/tls/tls.h" #include "libcli/auth/ntlm_check.h" #include "lib/crypto/gnutls_helpers.h" @@ -786,6 +787,7 @@ static void init_globals(struct loadparm_context *lp_ctx, bool reinit_globals) Globals.init_logon_delay = 100; /* 100 ms default delay */ Globals.wins_dns_proxy = true; + Globals.dns_port = DNS_SERVICE_PORT; Globals.allow_trusted_domains = true; lpcfg_string_set(Globals.ctx, &Globals.idmap_backend, "tdb"); diff --git a/source4/dns_server/dns_server.c b/source4/dns_server/dns_server.c index 7d5a884bd2e..7d0c0862725 100644 --- a/source4/dns_server/dns_server.c +++ b/source4/dns_server/dns_server.c @@ -700,7 +700,7 @@ static NTSTATUS dns_startup_interfaces(struct dns_server *dns, iface_list_n_ip(ifaces, i)); status = dns_add_socket(dns, model_ops, "dns", address, - DNS_SERVICE_PORT); + lpcfg_dns_port(dns->task->lp_ctx)); NT_STATUS_NOT_OK_RETURN(status); } } else { @@ -713,7 +713,7 @@ static NTSTATUS dns_startup_interfaces(struct dns_server *dns, } for (i = 0; wcard[i] != NULL; i++) { status = dns_add_socket(dns, model_ops, "dns", wcard[i], - DNS_SERVICE_PORT); + lpcfg_dns_port(dns->task->lp_ctx)); if (NT_STATUS_IS_OK(status)) { num_binds++; } -- Samba Shared Repository