DNS resolution in 'make test'
Andreas Schneider
asn at samba.org
Thu Sep 4 00:32:18 MDT 2014
On Thursday 04 September 2014 14:36:50 Andrew Bartlett wrote:
> On Wed, 2014-09-03 at 12:08 +0200, Andreas Schneider wrote:
> > Hi,
> >
> > while working on MIT Kerberos stuff it became clear that we need to talk
> > to
> > DNS server to ask it about SRV records for the KDC.
> >
> > I've did some investigation and wrote a resolv_wrapper library to wrap
> > res_init(), res_query() and res_search(). It is a really simple wrapper
> > and
> > I'm able to talk to the Samba DNS server in 'make test' now!
> >
> > asn at magrathea:~/workspace/projects/samba/git>
> > LD_PRELOAD=$LD_PRELOAD:libresolv_wrapper.so
> > SOCKET_WRAPPER_PCAP_FILE=kinit.pcap RESOLV_WRAPPER_DEBUGLEVEL=5
> > RESOLV_WRAPPER_NAMESERVER="127.0.0.21"
> > KRB5_CONFIG=/home/asn/workspace/projects/samba/git/krb5_kinit.conf
> > KRB5_TRACE=/dev/stdout kinit Administrator at SAMBA.EXAMPLE.COM
> > [17918] 1409738193.686386: Getting initial credentials for
> > Administrator at SAMBA.EXAMPLE.COM
> > [17918] 1409738193.686668: Sending request (194 bytes) to
> > SAMBA.EXAMPLE.COM
> > [17918] 1409738193.688507: Resolving hostname localdc.samba.example.com.
> > [17918] 1409738193.689448: Sending initial UDP request to dgram
> > 127.0.0.21:88 [17918] 1409738193.695803: Received answer (510 bytes) from
> > dgram
> > 127.0.0.21:88
> > [17918] 1409738193.696451: Response was not from master KDC
> > [17918] 1409738193.696499: Received error from KDC: -1765328359/Additional
> > pre-authentication required
> > [17918] 1409738193.696560: Processing preauth types: 136, 19, 2, 133
> > [17918] 1409738193.696594: Selected etype info: etype aes256-cts, salt
> > "SAMBA.EXAMPLE.COMAdministrator", params ""
> > [17918] 1409738193.696612: Received cookie: MIT
> > Password for Administrator at SAMBA.EXAMPLE.COM:
> >
> > w00t!
> >
> >
> > Soon available in your Samba master tree! :)
>
> Nice! This will make the subdomain stuff much more practical, and the
> make test environment much less 'special'.
I'm working on that. I've fully integrated it into Samba and created a
resolv.conf with the IPv4 and IPv6 address. The libresolv prefers IPv6 and
talks to the DNS server over IPv6!
https://www.cloudshark.org/captures/395cd6b88c2e
Time for more testing and code removal :)
> Now we just need to get rid of my horrid dns_hosts_file hack :-)
I think I want to backup that code. Maybe it could be useful for
resolv_wrapper some day. So if you want to fake a DNS server you could give
resolv_wrapper the dns_host_file and it will create correct queries from it.
Cheers,
-- andreas
--
Andreas Schneider GPG-ID: CC014E3D
Samba Team asn at samba.org
www.samba.org
More information about the samba-technical
mailing list