[SCM] Samba Shared Repository - branch v3-0-test updated -
release-3-0-28a-1149-g3c709e2
Gerald Carter
jerry at samba.org
Wed Apr 30 15:51:22 GMT 2008
The branch, v3-0-test has been updated
via 3c709e20772333f64501747107bbb70d43f6f262 (commit)
from 6c8f19cd6cc21106a71ab9d6bca5de76c71f0bca (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-0-test
- Log -----------------------------------------------------------------
commit 3c709e20772333f64501747107bbb70d43f6f262
Author: Gerald W. Carter <jerry at samba.org>
Date: Wed Apr 30 09:57:15 2008 -0500
BUG 5107: Fix handling of large DNS replies on AIX and Solaris.
On AIX, Solaris, and possibly some older glibc systems (e.g. SLES8)
truncated replies never give back a resp_len > buflen
which ends up causing DNS resolve failures on large tcp DNS replies.
Also add more debug lines about processing the DNS reply.
(cherry-picked from 5ed9b92097460cd8180db806a08213e97cfb8daa
with manually resolved conflicts)
-----------------------------------------------------------------------
Summary of changes:
source/libads/dns.c | 54 ++++++++++++++++++++++++++++++++++++++++----------
1 files changed, 43 insertions(+), 11 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source/libads/dns.c b/source/libads/dns.c
index bf51625..5ba6241 100644
--- a/source/libads/dns.c
+++ b/source/libads/dns.c
@@ -195,8 +195,15 @@ static BOOL ads_dns_parse_rr_srv( TALLOC_CTX *ctx, uint8 *start, uint8 *end,
DEBUG(1,("ads_dns_parse_rr_srv: Failed to uncompress name!\n"));
return False;
}
+
srv->hostname = talloc_strdup( ctx, dcname );
+ DEBUG(10,("ads_dns_parse_rr_srv: Parsed %s [%u, %u, %u]\n",
+ srv->hostname,
+ srv->priority,
+ srv->weight,
+ srv->port));
+
return True;
}
@@ -274,7 +281,7 @@ static NTSTATUS dns_send_req( TALLOC_CTX *ctx, const char *name, int q_type,
uint8 **buf, int *resp_length )
{
uint8 *buffer = NULL;
- size_t buf_len;
+ size_t buf_len = 0;
int resp_len = NS_PACKETSZ;
do {
@@ -303,8 +310,25 @@ static NTSTATUS dns_send_req( TALLOC_CTX *ctx, const char *name, int q_type,
}
return NT_STATUS_UNSUCCESSFUL;
}
- } while ( buf_len < resp_len && resp_len < MAX_DNS_PACKET_SIZE );
-
+
+ /* On AIX, Solaris, and possibly some older glibc systems (e.g. SLES8)
+ truncated replies never give back a resp_len > buflen
+ which ends up causing DNS resolve failures on large tcp DNS replies */
+
+ if (buf_len == resp_len) {
+ if (resp_len == MAX_DNS_PACKET_SIZE) {
+ DEBUG(1,("dns_send_req: DNS reply too large when resolving %s\n",
+ name));
+ TALLOC_FREE( buffer );
+ return NT_STATUS_BUFFER_TOO_SMALL;
+ }
+
+ resp_len = MIN(resp_len*2, MAX_DNS_PACKET_SIZE);
+ }
+
+
+ } while ( buf_len < resp_len && resp_len <= MAX_DNS_PACKET_SIZE );
+
*buf = buffer;
*resp_length = resp_len;
@@ -374,8 +398,10 @@ static NTSTATUS ads_dns_lookup_srv( TALLOC_CTX *ctx, const char *name, struct dn
for ( rrnum=0; rrnum<query_count; rrnum++ ) {
struct dns_query q;
- if ( !ads_dns_parse_query( ctx, buffer, buffer+resp_len, &p, &q ) ) {
- DEBUG(1,("ads_dns_lookup_srv: Failed to parse query record!\n"));
+ if (!ads_dns_parse_query(ctx, buffer,
+ buffer+resp_len, &p, &q)) {
+ DEBUG(1,("ads_dns_lookup_srv: "
+ "Failed to parse query record [%d]!\n", rrnum));
return NT_STATUS_UNSUCCESSFUL;
}
}
@@ -383,8 +409,10 @@ static NTSTATUS ads_dns_lookup_srv( TALLOC_CTX *ctx, const char *name, struct dn
/* now we are at the answer section */
for ( rrnum=0; rrnum<answer_count; rrnum++ ) {
- if ( !ads_dns_parse_rr_srv( ctx, buffer, buffer+resp_len, &p, &dcs[rrnum] ) ) {
- DEBUG(1,("ads_dns_lookup_srv: Failed to parse answer record!\n"));
+ if (!ads_dns_parse_rr_srv(ctx, buffer, buffer+resp_len,
+ &p, &dcs[rrnum])) {
+ DEBUG(1,("ads_dns_lookup_srv: "
+ "Failed to parse answer recordi [%d]!\n", rrnum));
return NT_STATUS_UNSUCCESSFUL;
}
}
@@ -396,8 +424,10 @@ static NTSTATUS ads_dns_lookup_srv( TALLOC_CTX *ctx, const char *name, struct dn
for ( rrnum=0; rrnum<auth_count; rrnum++ ) {
struct dns_rr rr;
- if ( !ads_dns_parse_rr( ctx, buffer, buffer+resp_len, &p, &rr ) ) {
- DEBUG(1,("ads_dns_lookup_srv: Failed to parse authority record!\n"));
+ if (!ads_dns_parse_rr( ctx, buffer,
+ buffer+resp_len, &p, &rr)) {
+ DEBUG(1,("ads_dns_lookup_srv: "
+ "Failed to parse authority record! [%d]\n", rrnum));
return NT_STATUS_UNSUCCESSFUL;
}
}
@@ -408,8 +438,10 @@ static NTSTATUS ads_dns_lookup_srv( TALLOC_CTX *ctx, const char *name, struct dn
struct dns_rr rr;
int i;
- if ( !ads_dns_parse_rr( ctx, buffer, buffer+resp_len, &p, &rr ) ) {
- DEBUG(1,("ads_dns_lookup_srv: Failed to parse additional records section!\n"));
+ if (!ads_dns_parse_rr(ctx, buffer, buffer+resp_len,
+ &p, &rr)) {
+ DEBUG(1,("ads_dns_lookup_srv: Failed "
+ "to parse additional records section! [%d]\n", rrnum));
return NT_STATUS_UNSUCCESSFUL;
}
--
Samba Shared Repository
More information about the samba-cvs
mailing list