[PATCH] Bug 12449 - Avoid recursion in the windows dns admin gui
Stefan Metzmacher
metze at samba.org
Wed Nov 30 06:18:37 UTC 2016
Hi,
here's a patch to fix https://bugzilla.samba.org/show_bug.cgi?id=12449
The problem is that w4edom-l4.base.w4edom-l4.base and w4edom-l4.base
are treated as the same when enumerating dns records.
Please review and push:-)
Thanks!
metze
-------------- next part --------------
From f14e0faf008138b81a21c069bc33bc1b331931f3 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze at samba.org>
Date: Fri, 25 Nov 2016 10:37:15 +0100
Subject: [PATCH] s4:rpc_server/dnsserver: let dns_split_node_name() return "@"
for the zone itself
This is important to handle difference between node_name="w4edom-l4.base"
and node_name="w4edom-l4.base.w4edom-l4.base" with zone_name="w4edom-l4.base".
If someone accedentally added new name as
"somehost.w4edom-l4.base.w4edom-l4.base", we used to display a recursion
in the Windows dns admin GUI.
Before we got this:
w4edom-l4.base
-> base
-> w4edom-l4
-> base
-> w4edom-l4
-> base
-> w4edom-l4
-> base
-> w4edom-l4
-> base
-> w4edom-l4
-> base
-> w4edom-l4
...
Now we get the same as with a Windows server and see a tree like this:
w4edom-l4.base
-> base
-> w4edom-l4
-> somehost: A 172.31.111.111
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12449
Signed-off-by: Stefan Metzmacher <metze at samba.org>
---
source4/rpc_server/dnsserver/dcerpc_dnsserver.c | 17 +++--------------
source4/rpc_server/dnsserver/dnsdata.c | 13 ++++++++-----
2 files changed, 11 insertions(+), 19 deletions(-)
diff --git a/source4/rpc_server/dnsserver/dcerpc_dnsserver.c b/source4/rpc_server/dnsserver/dcerpc_dnsserver.c
index d5dbaf0..3f674b9 100644
--- a/source4/rpc_server/dnsserver/dcerpc_dnsserver.c
+++ b/source4/rpc_server/dnsserver/dcerpc_dnsserver.c
@@ -1739,7 +1739,7 @@ static WERROR dnsserver_enumerate_records(struct dnsserver_state *dsstate,
W_ERROR_HAVE_NO_MEMORY_AND_FREE(name, tmp_ctx);
/* search all records under parent tree */
- if (strcasecmp(name, z->name) == 0) {
+ if (strcmp(name, "@") == 0) {
ret = ldb_search(dsstate->samdb, tmp_ctx, &res, z->zone_dn,
LDB_SCOPE_ONELEVEL, attrs,
"(&(objectClass=dnsNode)(!(dNSTombstoned=TRUE)))");
@@ -1766,11 +1766,7 @@ static WERROR dnsserver_enumerate_records(struct dnsserver_state *dsstate,
(ldb_qsort_cmp_fn_t)dns_name_compare);
/* Build a tree of name components from dns name */
- if (strcasecmp(name, z->name) == 0) {
- tree = dns_build_tree(tmp_ctx, "@", res);
- } else {
- tree = dns_build_tree(tmp_ctx, name, res);
- }
+ tree = dns_build_tree(tmp_ctx, name, res);
W_ERROR_HAVE_NO_MEMORY_AND_FREE(tree, tmp_ctx);
/* Find the parent record in the tree */
@@ -1874,14 +1870,7 @@ static WERROR dnsserver_update_record(struct dnsserver_state *dsstate,
tmp_ctx = talloc_new(mem_ctx);
W_ERROR_HAVE_NO_MEMORY(tmp_ctx);
- /* If node_name is @ or zone name, dns record is @ */
- if (strcmp(node_name, "@") == 0 ||
- strcmp(node_name, ".") == 0 ||
- strcasecmp(node_name, z->name) == 0) {
- name = talloc_strdup(tmp_ctx, "@");
- } else {
- name = dns_split_node_name(tmp_ctx, node_name, z->name);
- }
+ name = dns_split_node_name(tmp_ctx, node_name, z->name);
W_ERROR_HAVE_NO_MEMORY_AND_FREE(name, tmp_ctx);
if (add_buf != NULL) {
diff --git a/source4/rpc_server/dnsserver/dnsdata.c b/source4/rpc_server/dnsserver/dnsdata.c
index ccea0d7..319d020 100644
--- a/source4/rpc_server/dnsserver/dnsdata.c
+++ b/source4/rpc_server/dnsserver/dnsdata.c
@@ -232,8 +232,9 @@ char *dns_split_node_name(TALLOC_CTX *tmp_ctx, const char *node_name, const char
int ncount, zcount, i, match;
/*
- * If node_name is "@", return the zone_name
- * If node_name is ".", return NULL
+ * If node_name is "@", return @
+ * If node_name is ".", return @
+ * If node_name is zone_name, return @
* If there is no '.' in node_name, return the node_name as is.
*
* If node_name does not have zone_name in it, return the node_name as is.
@@ -243,9 +244,11 @@ char *dns_split_node_name(TALLOC_CTX *tmp_ctx, const char *node_name, const char
*
*/
if (strcmp(node_name, "@") == 0) {
- prefix = talloc_strdup(tmp_ctx, zone_name);
+ prefix = talloc_strdup(tmp_ctx, "@");
} else if (strcmp(node_name, ".") == 0) {
- prefix = NULL;
+ prefix = talloc_strdup(tmp_ctx, "@");
+ } else if (strcasecmp(node_name, zone_name) == 0) {
+ prefix = talloc_strdup(tmp_ctx, "@");
} else if (strchr(node_name, '.') == NULL) {
prefix = talloc_strdup(tmp_ctx, node_name);
} else {
@@ -267,7 +270,7 @@ char *dns_split_node_name(TALLOC_CTX *tmp_ctx, const char *node_name, const char
}
if (match == ncount) {
- prefix = talloc_strdup(tmp_ctx, zone_name);
+ prefix = talloc_strdup(tmp_ctx, "@");
} else {
prefix = talloc_strdup(tmp_ctx, nlist[0]);
if (prefix != NULL) {
--
1.9.1
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20161130/051936c2/signature.sig>
More information about the samba-technical
mailing list