DNS resolution in 'make test'

Andreas Schneider asn at samba.org
Thu Sep 4 00:32:18 MDT 2014 

On Thursday 04 September 2014 14:36:50 Andrew Bartlett wrote:
> On Wed, 2014-09-03 at 12:08 +0200, Andreas Schneider wrote:
> > Hi,
> > 
> > while working on MIT Kerberos stuff it became clear that we need to talk
> > to
> > DNS server to ask it about SRV records for the KDC.
> > 
> > I've did some investigation and wrote a resolv_wrapper library to wrap
> > res_init(), res_query() and res_search(). It is a really simple wrapper
> > and
> > I'm able to talk to the Samba DNS server in 'make test' now!
> > 
> > asn at magrathea:~/workspace/projects/samba/git>
> > LD_PRELOAD=$LD_PRELOAD:libresolv_wrapper.so
> > SOCKET_WRAPPER_PCAP_FILE=kinit.pcap RESOLV_WRAPPER_DEBUGLEVEL=5
> > RESOLV_WRAPPER_NAMESERVER="127.0.0.21"
> > KRB5_CONFIG=/home/asn/workspace/projects/samba/git/krb5_kinit.conf
> > KRB5_TRACE=/dev/stdout kinit Administrator at SAMBA.EXAMPLE.COM
> > [17918] 1409738193.686386: Getting initial credentials for
> > Administrator at SAMBA.EXAMPLE.COM
> > [17918] 1409738193.686668: Sending request (194 bytes) to
> > SAMBA.EXAMPLE.COM
> > [17918] 1409738193.688507: Resolving hostname localdc.samba.example.com.
> > [17918] 1409738193.689448: Sending initial UDP request to dgram
> > 127.0.0.21:88 [17918] 1409738193.695803: Received answer (510 bytes) from
> > dgram
> > 127.0.0.21:88
> > [17918] 1409738193.696451: Response was not from master KDC
> > [17918] 1409738193.696499: Received error from KDC: -1765328359/Additional
> > pre-authentication required
> > [17918] 1409738193.696560: Processing preauth types: 136, 19, 2, 133
> > [17918] 1409738193.696594: Selected etype info: etype aes256-cts, salt
> > "SAMBA.EXAMPLE.COMAdministrator", params ""
> > [17918] 1409738193.696612: Received cookie: MIT
> > Password for Administrator at SAMBA.EXAMPLE.COM:
> > 
> > w00t!
> > 
> > 
> > Soon available in your Samba master tree! :)
> 
> Nice!  This will make the subdomain stuff much more practical, and the
> make test environment much less 'special'.

I'm working on that. I've fully integrated it into Samba and created a 
resolv.conf with the IPv4 and IPv6 address. The libresolv prefers IPv6 and 
talks to the DNS server over IPv6!

https://www.cloudshark.org/captures/395cd6b88c2e


Time for more testing and code removal :)


> Now we just need to get rid of my horrid dns_hosts_file hack :-)


I think I want to backup that code. Maybe it could be useful for 
resolv_wrapper some day. So if you want to fake a DNS server you could give 
resolv_wrapper the dns_host_file and it will create correct queries from it.


Cheers,


	-- andreas

-- 
Andreas Schneider                   GPG-ID: CC014E3D
Samba Team                             asn at samba.org
www.samba.org

More information about the samba-technical mailing list