s4 dns: Allow updates based on smb.conf setting
authorKai Blin <kai@samba.org>
Fri, 16 Dec 2011 13:25:57 +0000 (14:25 +0100)
committerKai Blin <kai@samba.org>
Sat, 17 Dec 2011 03:19:40 +0000 (04:19 +0100)
Autobuild-User: Kai Blin <kai@samba.org>
Autobuild-Date: Sat Dec 17 04:19:40 CET 2011 on sn-devel-104

lib/param/loadparm.c
lib/param/param.h
lib/param/param_enums.c
source3/param/loadparm.c
source4/dns_server/dns_update.c
source4/dns_server/dns_update.h [new file with mode: 0644]

index 8ed9ced2217a6f7dfa842213945baed22b613f6f..2c59a3ed692d1000aa7fe3e84d3e2bfa5ff4cefe 100644 (file)
@@ -65,6 +65,7 @@
 #include "s3_param.h"
 #include "lib/util/bitmap.h"
 #include "libcli/smb/smb_constants.h"
+#include "source4/dns_server/dns_update.h"
 
 #define standard_sub_basic talloc_strdup
 
@@ -1223,6 +1224,14 @@ static struct parm_struct parm_table[] = {
                .special        = NULL,
                .enum_list      = NULL
        },
+       {
+               .label          = "allow dns updates",
+               .type           = P_ENUM,
+               .p_class        = P_GLOBAL,
+               .offset         = GLOBAL_VAR(allow_dns_updates),
+               .special        = NULL,
+               .enum_list      = enum_dns_update_settings
+       },
 
        {NULL,  P_BOOL,  P_NONE,  0,  NULL,  NULL,  0}
 };
@@ -1503,6 +1512,7 @@ FN_GLOBAL_INTEGER(srv_minprotocol, srv_minprotocol)
 FN_GLOBAL_INTEGER(cli_maxprotocol, cli_maxprotocol)
 FN_GLOBAL_INTEGER(cli_minprotocol, cli_minprotocol)
 FN_GLOBAL_BOOL(paranoid_server_security, paranoid_server_security)
+FN_GLOBAL_INTEGER(allow_dns_updates, allow_dns_updates)
 
 FN_GLOBAL_INTEGER(server_signing, server_signing)
 FN_GLOBAL_INTEGER(client_signing, client_signing)
@@ -3362,6 +3372,8 @@ struct loadparm_context *loadparm_init(TALLOC_CTX *mem_ctx)
        lpcfg_do_global_parameter(lp_ctx, "rndc command", "/usr/sbin/rndc");
        lpcfg_do_global_parameter(lp_ctx, "nsupdate command", "/usr/bin/nsupdate -g");
 
+        lpcfg_do_global_parameter(lp_ctx, "allow dns updates", "False");
+
        for (i = 0; parm_table[i].label; i++) {
                if (!(lp_ctx->flags[i] & FLAG_CMDLINE)) {
                        lp_ctx->flags[i] |= FLAG_DEFAULT;
index f6823859d87852fa6221ec045fc8f976b48274cb..079ef8b9a661570a302abd224d2083f1293fe79b 100644 (file)
@@ -56,6 +56,7 @@ const char *lpcfg_realm(struct loadparm_context *);
 const char *lpcfg_netbios_name(struct loadparm_context *);
 const char *lpcfg_private_dir(struct loadparm_context *);
 int lpcfg_server_role(struct loadparm_context *);
+int lpcfg_allow_dns_updates(struct loadparm_context *);
 
 void reload_charcnv(struct loadparm_context *lp_ctx);
 
index 9307a0c650965aba28ffc73ad74c84fc2e241f4e..d30458fa5d531707dc46f02d06abee12ac14a5c3 100644 (file)
@@ -107,3 +107,11 @@ static const struct enum_list enum_smb_signing_vals[] = {
        {SMB_SIGNING_REQUIRED, "enforced"},
        {-1, NULL}
 };
+
+/* DNS update options. */
+static const struct enum_list enum_dns_update_settings[] = {
+       {DNS_UPDATE_OFF, "False"},
+       {DNS_UPDATE_ON, "True"},
+       {DNS_UPDATE_SIGNED, "signed"},
+       {-1, NULL}
+};
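Review bot: The new table accepts only the spellings `False`, `True` and `signed`, so other boolean spellings an administrator may write in smb.conf (`no`, `yes`, `off`) have no entry. How an unmatched value is handled is decided by the enum parser, which is not shown on this page, so it is worth confirming that a typo cannot leave the setting at anything other than the refusing default. Adding aliases such as `{DNS_UPDATE_OFF, "No"},` and `{DNS_UPDATE_ON, "Yes"},` would remove the ambiguity. The `DNS_UPDATE_*` constants also come from dns_update.h, which this file does not include itself; it appears to rely on both loadparm.c files including that header first, and a one-line comment saying so would help.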
index e0da6fdf1dac4bebf47ad0a9cb3df8797dc09657..1bd27338583b5da6fc4210ca78330d8bfe5c9084 100644 (file)
@@ -68,6 +68,7 @@
 #include "dbwrap/dbwrap.h"
 #include "dbwrap/dbwrap_rbt.h"
 #include "../lib/util/bitmap.h"
+#include "../source4/dns_server/dns_update.h"
 
 #ifdef HAVE_SYS_SYSCTL_H
 #include <sys/sysctl.h>
index ccbeed9ff8576bdef2d61ab8b1f6759af8eb9c2d..3fd612cfabcadea7be2495677b33006aa5184200 100644 (file)
 #include "librpc/gen_ndr/ndr_dns.h"
 #include "librpc/gen_ndr/ndr_dnsp.h"
 #include <ldb.h>
+#include "param/param.h"
 #include "dsdb/samdb/samdb.h"
 #include "dsdb/common/util.h"
+#include "smbd/service_task.h"
 #include "dns_server/dns_server.h"
+#include "dns_server/dns_update.h"
 
 static WERROR dns_rr_to_dnsp(TALLOC_CTX *mem_ctx,
                             const struct dns_res_rec *rrec,
@@ -653,7 +656,6 @@ WERROR dns_server_process_update(struct dns_server *dns,
        const struct dns_server_zone *z;
        size_t host_part_len = 0;
        WERROR werror = DNS_ERR(NOT_IMPLEMENTED);
-       bool update_allowed = false;
 
        if (in->qdcount != 1) {
                return DNS_ERR(FORMAT_ERROR);
@@ -701,7 +703,7 @@ WERROR dns_server_process_update(struct dns_server *dns,
        /* TODO: Check if update is allowed, we probably want "always",
         * key-based GSSAPI, key-based bind-style TSIG and "never" as
         * smb.conf options. */
-       if (!update_allowed) {
+       if (lpcfg_allow_dns_updates(dns->task->lp_ctx) != DNS_UPDATE_ON) {
                DEBUG(0, ("Update not allowed."));
                return DNS_ERR(REFUSED);
        }
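Review bot: With the new condition, `DNS_UPDATE_SIGNED` falls into the refusal branch exactly like `DNS_UPDATE_OFF`, while `DNS_UPDATE_ON` lets the update proceed with no authentication check visible in this hunk. An administrator who sets `signed` therefore gets no hint that the value is parsed but not yet implemented. The TODO above the check is now partly stale and could be replaced with `/* DNS_UPDATE_ON accepts updates without authenticating the sender; DNS_UPDATE_SIGNED is not implemented yet and is refused like DNS_UPDATE_OFF. */`. The refusal is logged at `DEBUG(0, ...)` without a trailing newline on a path that a remote client can presumably trigger repeatedly, so a higher debug level number and `"Update not allowed.\n"` are worth considering. The body of dns_server_process_update starts and continues outside the hunk.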
diff --git a/source4/dns_server/dns_update.h b/source4/dns_server/dns_update.h
new file mode 100644 (file)
index 0000000..71ff85e
--- /dev/null
@@ -0,0 +1,25 @@
+/*
+   Unix SMB/CIFS implementation.
+
+   DNS update settings
+
+   Copyright (C) 2011 Kai Blin  <kai@samba.org>
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+enum dns_update_settings {
+       DNS_UPDATE_OFF=0,
+       DNS_UPDATE_ON=1,
+       DNS_UPDATE_SIGNED=2
+};
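Review bot: The new header has no include guard, although this commit already pulls it into lib/param/loadparm.c, source3/param/loadparm.c and source4/dns_server/dns_update.c. A second inclusion through another header would redefine `enum dns_update_settings` and break the build. Wrapping the enum in `#ifndef DNS_SERVER_DNS_UPDATE_H`, `#define DNS_SERVER_DNS_UPDATE_H` and a closing `#endif` avoids that. A short comment on each enumerator would also help, in particular that `DNS_UPDATE_ON` admits updates without an authentication check and that `DNS_UPDATE_SIGNED` is currently refused by the check in dns_update.c.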