From acdae18d2c7fcf7eeca70bf3df1489b11ab4e641 Mon Sep 17 00:00:00 2001
From: hywu
Date: Wed, 8 Mar 2023 10:58:25 +0800
Subject: [PATCH] net: do DNS connection only once.

net ads dns register command will register/update DNS record at DNS. If DNS policy is round robin, you may get different IP address between dyanmic update and TKEY query in multiple interfaces/subnets connection enviroment. Running dynamic update and TEKY query in different interfaces/subnets may causes DNS dynamic update to fail.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15326

Signed-off-by: hywu
---
 lib/addns/dns.h | 3 ++-
 lib/addns/dnsgss.c | 13 ++++++++-----
 source3/utils/net_dns.c | 8 ++++----
 3 files changed, 14 insertions(+), 10 deletions(-)

diff --git a/lib/addns/dns.h b/lib/addns/dns.h
index 1f61d6e..9bdef7f 100644
--- a/lib/addns/dns.h
+++ b/lib/addns/dns.h
@@ -354,7 +354,8 @@ DNS_ERROR dns_negotiate_sec_ctx( const char *target_realm,
 const char *servername,
 const char *keyname,
 gss_ctx_id_t *gss_ctx,
- enum dns_ServerType srv_type );
+ enum dns_ServerType srv_type,
+ struct dns_connection *conn);
 DNS_ERROR dns_sign_update(struct dns_update_request *req,
 gss_ctx_id_t gss_ctx,
 const char *keyname,
diff --git a/lib/addns/dnsgss.c b/lib/addns/dnsgss.c
index a446da6..01890620 100644
--- a/lib/addns/dnsgss.c
+++ b/lib/addns/dnsgss.c
@@ -219,7 +219,8 @@ DNS_ERROR dns_negotiate_sec_ctx( const char *target_realm,
 const char *servername,
 const char *keyname,
 gss_ctx_id_t *gss_ctx,
- enum dns_ServerType srv_type )
+ enum dns_ServerType srv_type,
+ struct dns_connection *connp)
 {
 OM_uint32 major, minor;
 
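Review bot: The new trailing parameter of dns_negotiate_sec_ctx is undocumented, and the prototype in lib/addns/dns.h calls it `conn` while the definition in lib/addns/dnsgss.c calls it `connp`. Nothing at the declaration says that NULL means "open a new DNS_TCP connection to servername" and that a non-NULL pointer is a connection borrowed from the caller. A comment above the prototype such as `/* conn: established connection to servername to reuse, or NULL to open one; ownership stays with the caller */` would state the contract, and using one name on both sides would avoid confusion. The ownership half of that comment is presumed, since the function's cleanup path is outside these hunks.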
@@ -239,10 +240,12 @@ DNS_ERROR dns_negotiate_sec_ctx( const char *target_realm,
 if (!(mem_ctx = talloc_init("dns_negotiate_sec_ctx"))) {
 return ERROR_DNS_NO_MEMORY;
 }
-
- err = dns_open_connection( servername, DNS_TCP, mem_ctx, &conn );
- if (!ERR_DNS_IS_OK(err)) goto error;
-
+ if(connp==NULL){
+ err = dns_open_connection( servername, DNS_TCP, mem_ctx, &conn);
+ if (!ERR_DNS_IS_OK(err)) goto error;
+ }else
+ conn=connp;
+
 if (!(upcaserealm = talloc_strdup(mem_ctx, target_realm))) {
 err = ERROR_DNS_NO_MEMORY;
 goto error;
diff --git a/source3/utils/net_dns.c b/source3/utils/net_dns.c
index 9850ba4..0ce9351 100644
--- a/source3/utils/net_dns.c
+++ b/source3/utils/net_dns.c
@@ -39,7 +39,8 @@ DNS_ERROR DoDNSUpdate(char *pszServerName,
 bool remove_host)
 {
 DNS_ERROR err;
- struct dns_connection *conn;
+
+ struct dns_connection *conn=NULL;
 TALLOC_CTX *mem_ctx;
 OM_uint32 minor;
 struct dns_update_request *req, *resp;
@@ -137,15 +138,14 @@ DNS_ERROR DoDNSUpdate(char *pszServerName,
 err = ERROR_DNS_NO_MEMORY;
 goto error;
 }
-
 err = dns_negotiate_sec_ctx( pszDomainName, pszServerName,
- keyname, &gss_context, DNS_SRV_ANY );
+ keyname, &gss_context, DNS_SRV_ANY , conn);
 
 /* retry using the Windows 2000 DNS hack */
 if (!ERR_DNS_IS_OK(err)) {
 err = dns_negotiate_sec_ctx( pszDomainName, pszServerName,
 keyname, &gss_context,
- DNS_SRV_WIN2000 );
+ DNS_SRV_WIN2000 , conn);
 }
 
 if (!ERR_DNS_IS_OK(err))
-- 
2.1.4
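Review bot: A caller-supplied `connp` is adopted as is at `conn=connp;`, so nothing in this function any longer guarantees that the TKEY negotiation runs over a DNS_TCP connection to `servername`. Before the change the function enforced that itself by opening the connection. Consider rejecting a connection of the wrong transport type before the assignment, or at least stating the requirement in a comment on the `else` branch. That branch is also unbraced and unspaced, unlike the surrounding code; `} else {`, `conn = connp;`, `}` would match it. The function's error path lies outside the hunk, so it is worth confirming that cleanup never tears down a borrowed connection.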
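Review bot: The DNS_SRV_WIN2000 retry in DoDNSUpdate now runs on the same `conn` as the DNS_SRV_ANY attempt that just failed, where each attempt previously got its own connection. If the first negotiation failed part-way through an exchange, an unread or partial reply may still sit on the stream and be parsed as the retry's answer. Whether `conn` is non-NULL at these calls depends on code between the two net_dns.c hunks that is not shown. If it is still NULL, both calls open their own connection and the round-robin problem described in the commit message remains. A comment at the retry such as `/* reuses conn: assumes the failed attempt left no unread data on the stream */` would make the assumption explicit, as would re-establishing the connection to the same address before retrying.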