DNS TSIG updates need to check ACLs
Kai Blin
kai at samba.org
Wed Nov 7 04:33:27 MST 2012
On 2012-11-07 11:31, Andriy Syrovenko wrote:
Hi Andriy,
> Sorry for disturbing you, but what's the decision? While looking through
> the list of 4.0 release blockers (that was sent to the list recently) I
> thought that the https://bugzilla.samba.org/show_bug.cgi?id=7466 might
> be related.
Thanks for the reminder.
> Prior to sending you this message I've checked the latest 3.6 release
> (i.e. 3.6.9) against the 4.0rc4 and the issue is still here:
>
> bash-4.2# net ads dns register
> DNS Update for svn01.xxx.intra failed: ERROR_DNS_INVALID_MESSAGE
> DNS update failed!
I've CCed Amitay on this, as he's the author of the BIND DLZ plugin. I
still think BIND doesn't do the correct thing here, but probably your
patch won't hurt. Amitay, is there any way we can get BIND to follow the
GSS-TSIG RFC or do we have to work around it?
Cheers,
Kai
--
Kai Blin
Worldforge developer http://www.worldforge.org/
Wine developer http://wiki.winehq.org/KaiBlin
Samba team member http://www.samba.org/samba/team/
More information about the samba-technical
mailing list