Default DNS server for Samba 4.0

Kai Blin kai at
Sat Sep 8 03:18:55 MDT 2012

On 2012-09-08 07:12, Andrew Bartlett wrote:
> On Sat, 2012-09-08 at 02:34 +0200, Kai Blin wrote:
>> No, it's perfectly clear. It's just that tests for this need support on
>> the side of libcli/dns, and that's not there yet. 
> Can't you use libaddns to test the tsig handling?

Only half of it. libaddns has no code whatsoever to verify signatures.
And libaddns doesn't work against BIND because it can't negotioate the
TKEY exchange. It works against the internal server, of course, because
net ads dns register was the test case I used for the implementation.

There is value in getting full TSIG support into libcli/dns beyond
testing. We could get rid of the samba_dnsupdate->nsupdate construction
and just call the library. And retire libaddns while we're at it. :)


Kai Blin
Worldforge developer
Wine developer
Samba team member

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 259 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the samba-technical mailing list