From d8be5b7c3fd3e5c36b92c9d6c6bd9a9419ea5828 Mon Sep 17 00:00:00 2001 From: hywu Date: Tue, 7 Mar 2023 14:32:27 +0800 Subject: [PATCH] net: do DNS connection only once. net ads dns register command will register/update DNS record at DNS. If DNS policy is round robin, you may get different IP address between dyanmic update and TKEY query in multiple interfaces/subnets connection enviroment. Running dynamic update and TEKY query in different interfaces/subnets may causes DNS dynamic update to fail. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15326 Signed-off-by: hywu --- lib/addns/dns.h | 15 +++++++++------ lib/addns/dnsgss.c | 13 ++++++++----- source3/utils/net_dns.c | 8 ++++---- 3 files changed, 21 insertions(+), 15 deletions(-) diff --git a/lib/addns/dns.h b/lib/addns/dns.h index 1f61d6e..f946881 100644 --- a/lib/addns/dns.h +++ b/lib/addns/dns.h @@ -285,12 +285,13 @@ DNS_ERROR dns_create_tsig_record(TALLOC_CTX *mem_ctx, const char *keyname, uint16_t mac_length, const uint8_t *mac, uint16_t original_id, uint16_t error, struct dns_rrec **prec); +DNS_ERROR dns_add_rrec(TALLOC_CTX *mem_ctx, struct dns_rrec *rec, + uint16_t *num_records, struct dns_rrec ***records); DNS_ERROR dns_create_update_request(TALLOC_CTX *mem_ctx, const char *domainname, const char *hostname, const struct sockaddr_storage *ip_addr, size_t num_adds, - uint32_t ttl, struct dns_update_request **preq); /* from dnssock.c */ 
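Review bot: The `- uint32_t ttl,` line in the `@@ -285,12 +285,13 @@` hunk drops the `ttl` parameter from the `dns_create_update_request` prototype, yet the diffstat lists only `dns.h`, `dnsgss.c` and `net_dns.c`, so no definition or caller is updated with it. Unless this comes from generating the patch against a different base, the header will disagree with the definition and either the build breaks or calls go through a mismatched prototype; the declaration should keep `uint32_t ttl,`. The added `dns_add_rrec` prototype is not used by anything visible in this patch and looks unrelated to reusing the DNS connection, so it would be better split out or dropped.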
@@ -349,12 +350,14 @@ const char *dns_errstr(DNS_ERROR err); #ifdef HAVE_GSSAPI -void display_status( const char *msg, OM_uint32 maj_stat, OM_uint32 min_stat ); +void display_status( const char *msg, OM_uint32 maj_stat, OM_uint32 min_stat ); DNS_ERROR dns_negotiate_sec_ctx( const char *target_realm, - const char *servername, - const char *keyname, - gss_ctx_id_t *gss_ctx, - enum dns_ServerType srv_type ); + const char *servername, + const char *keyname, + gss_ctx_id_t *gss_ctx, + enum dns_ServerType srv_type, + struct dns_connection *conn); + DNS_ERROR dns_sign_update(struct dns_update_request *req, gss_ctx_id_t gss_ctx, const char *keyname, diff --git a/lib/addns/dnsgss.c b/lib/addns/dnsgss.c index a446da6..01890620 100644 --- a/lib/addns/dnsgss.c +++ b/lib/addns/dnsgss.c @@ -219,7 +219,8 @@ DNS_ERROR dns_negotiate_sec_ctx( const char *target_realm, const char *servername, const char *keyname, gss_ctx_id_t *gss_ctx, - enum dns_ServerType srv_type ) + enum dns_ServerType srv_type, + struct dns_connection *connp) { OM_uint32 major, minor; @@ -239,10 +240,12 @@ DNS_ERROR dns_negotiate_sec_ctx( const char *target_realm, if (!(mem_ctx = talloc_init("dns_negotiate_sec_ctx"))) { return ERROR_DNS_NO_MEMORY; } - - err = dns_open_connection( servername, DNS_TCP, mem_ctx, &conn ); - if (!ERR_DNS_IS_OK(err)) goto error; - + if(connp==NULL){ + err = dns_open_connection( servername, DNS_TCP, mem_ctx, &conn); + if (!ERR_DNS_IS_OK(err)) goto error; + }else + conn=connp; + if (!(upcaserealm = talloc_strdup(mem_ctx, target_realm))) { err = ERROR_DNS_NO_MEMORY; goto error; diff --git a/source3/utils/net_dns.c b/source3/utils/net_dns.c index 9850ba4..0ce9351 100644 --- a/source3/utils/net_dns.c +++ b/source3/utils/net_dns.c @@ -39,7 +39,8 @@ DNS_ERROR DoDNSUpdate(char *pszServerName, bool remove_host) { DNS_ERROR err; - struct dns_connection *conn; + + struct dns_connection *conn=NULL; TALLOC_CTX *mem_ctx; OM_uint32 minor; struct dns_update_request *req, *resp; 
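Review bot: The new last parameter of `dns_negotiate_sec_ctx` is declared as `conn` in this header hunk but defined as `connp` in `dnsgss.c`, and neither place documents what it means. If the intended contract is what the `dnsgss.c` change suggests, a comment above the prototype such as `/* conn: already-open connection to servername for the TKEY exchange, or NULL to open a temporary one; the caller keeps ownership */` would make it explicit, and the two names should match. The `display_status` line in the same hunk changes only whitespace and adds noise to the patch.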
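Review bot: When `connp` is non-NULL in the `@@ -239,10 +240,12 @@` hunk of `dnsgss.c`, the TKEY exchange runs on a connection this function did not open, and nothing visible checks that it is a `DNS_TCP` connection to `servername`, which the old code guaranteed by opening it itself. Because `servername` is still passed separately, a caller can hand in a connection to a different host than the one named, so the security context could be negotiated with a peer other than the one the name refers to; at minimum document the requirement, and consider rejecting a mismatch. The branch should also follow the surrounding style with braces and spacing: `} else {`, `conn = connp;`, `}`. The function body continues outside the hunk, so it should be confirmed that its cleanup path only frees `mem_ctx` and therefore leaves a caller-supplied connection open.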
@@ -137,15 +138,14 @@ DNS_ERROR DoDNSUpdate(char *pszServerName, err = ERROR_DNS_NO_MEMORY; goto error; } - err = dns_negotiate_sec_ctx( pszDomainName, pszServerName, - keyname, &gss_context, DNS_SRV_ANY ); + keyname, &gss_context, DNS_SRV_ANY , conn); /* retry using the Windows 2000 DNS hack */ if (!ERR_DNS_IS_OK(err)) { err = dns_negotiate_sec_ctx( pszDomainName, pszServerName, keyname, &gss_context, - DNS_SRV_WIN2000 ); + DNS_SRV_WIN2000 , conn); } if (!ERR_DNS_IS_OK(err)) -- 2.1.4
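Review bot: The `DNS_SRV_WIN2000` retry now runs on the same `conn` on which the first `dns_negotiate_sec_ctx` call has just failed, whereas before this change each attempt opened its own connection. After a failed or half-finished TKEY exchange the server may have closed the stream or left unread data on it, so the retry can fail for reasons unrelated to the server type; consider reopening the connection before the fallback call. The earlier `net_dns.c` hunk initialises `conn` to `NULL` and the code that opens it lies outside the visible hunks, so it is worth confirming that `conn` is always open by this point, because otherwise the callee silently opens a second connection and the round-robin mismatch described in the commit message remains. Style: `DNS_SRV_ANY , conn` and `DNS_SRV_WIN2000 , conn` should have no space before the comma.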