From a9f3b0fec5bd35931165c732e34ef80c169a2e8e Mon Sep 17 00:00:00 2001 From: Ralph Boehme Date: Sat, 14 May 2016 19:11:31 +0200 Subject: [PATCH 1/6] pidl: add dns_unique_string We need a string type that doesn't use DNS string compression for the TSIG response. This will be used in subsequent commits. Bug: https://bugzilla.samba.org/show_bug.cgi?id=11520 Signed-off-by: Ralph Boehme --- pidl/lib/Parse/Pidl/NDR.pm | 1 + pidl/lib/Parse/Pidl/Samba4/Python.pm | 4 ++-- pidl/lib/Parse/Pidl/Typelist.pm | 5 +++-- 3 files changed, 6 insertions(+), 4 deletions(-) diff --git a/pidl/lib/Parse/Pidl/NDR.pm b/pidl/lib/Parse/Pidl/NDR.pm index d65cbe7..f429de3 100644 --- a/pidl/lib/Parse/Pidl/NDR.pm +++ b/pidl/lib/Parse/Pidl/NDR.pm @@ -75,6 +75,7 @@ my $scalar_alignment = { 'NTSTATUS' => 4, 'COMRESULT' => 4, 'dns_string' => 4, + 'dns_unique_string' => 4, 'nbt_string' => 4, 'wrepl_nbt_name' => 4, 'ipv4address' => 4, diff --git a/pidl/lib/Parse/Pidl/Samba4/Python.pm b/pidl/lib/Parse/Pidl/Samba4/Python.pm index 6488ac9..927ccdc 100644 --- a/pidl/lib/Parse/Pidl/Samba4/Python.pm +++ b/pidl/lib/Parse/Pidl/Samba4/Python.pm @@ -1119,7 +1119,7 @@ sub ConvertObjectFromPythonData($$$$$$;$) return; } - if ($actual_ctype->{TYPE} eq "SCALAR" and ($actual_ctype->{NAME} eq "dns_string" or $actual_ctype->{NAME} eq "dns_name")) { + if ($actual_ctype->{TYPE} eq "SCALAR" and ($actual_ctype->{NAME} eq "dns_string" or $actual_ctype->{NAME} eq "dns_name" or $actual_ctype->{NAME} eq "dns_unique_string")) { $self->pidl("$target = talloc_strdup($mem_ctx, PyString_AS_STRING($cvar));"); return; } @@ -1343,7 +1343,7 @@ sub ConvertScalarToPython($$$) return "PyString_FromStringOrNULL($cvar)"; } - if (($ctypename eq "dns_string" or $ctypename eq "dns_name")) { + if (($ctypename eq "dns_string" or $ctypename eq "dns_name" or $ctypename eq "dns_unique_string")) { return "PyString_FromStringOrNULL($cvar)"; } diff --git a/pidl/lib/Parse/Pidl/Typelist.pm b/pidl/lib/Parse/Pidl/Typelist.pm index 774554f..e261f5e 100644 --- a/pidl/lib/Parse/Pidl/Typelist.pm +++ b/pidl/lib/Parse/Pidl/Typelist.pm @@ -20,13 +20,13 @@ use strict; my %types = (); my @reference_scalars = ( - "string", "string_array", "nbt_string", "dns_string", + "string", "string_array", "nbt_string", "dns_string", "dns_unique_string", "wrepl_nbt_name", "dnsp_name", "dnsp_string", "ipv4address", "ipv6address" ); my @non_fixed_size_scalars = ( - "string", "string_array", "nbt_string", "dns_string", + "string", "string_array", "nbt_string", "dns_string", "dns_unique_string", "wrepl_nbt_name", "dnsp_name", "dnsp_string" ); @@ -64,6 +64,7 @@ my %scalars = ( "NTSTATUS" => "NTSTATUS", "COMRESULT" => "COMRESULT", "dns_string" => "const char *", + "dns_unique_string" => "const char *", "nbt_string" => "const char *", "wrepl_nbt_name"=> "struct nbt_name *", "ipv4address" => "const char *", -- 2.8.1 From 5b5bbf300585c1243575072c251646d213920e89 Mon Sep 17 00:00:00 2001 From: Ralph Boehme Date: Sun, 15 May 2016 11:30:37 +0200 Subject: [PATCH 2/6] librpc/dns: add push/pull dns_string wrapper This will be used in subsequent commits to add a second public function that calls the internal version. Signed-off-by: Ralph Boehme --- librpc/ndr/ndr_dns.c | 32 +++++++++++++++++++++++--------- 1 file changed, 23 insertions(+), 9 deletions(-) diff --git a/librpc/ndr/ndr_dns.c b/librpc/ndr/ndr_dns.c index ab0c83a..7e06556 100644 --- a/librpc/ndr/ndr_dns.c +++ b/librpc/ndr/ndr_dns.c @@ -107,12 +107,9 @@ static enum ndr_err_code ndr_pull_component(struct ndr_pull *ndr, "BAD DNS NAME component, too many pointers"); } -/** - pull a dns_string from the wire -*/ -_PUBLIC_ enum ndr_err_code ndr_pull_dns_string(struct ndr_pull *ndr, - int ndr_flags, - const char **s) +static enum ndr_err_code ndr_pull_dns_string_internal(struct ndr_pull *ndr, + int ndr_flags, + const char **s) { uint32_t offset = ndr->offset; uint32_t max_offset = offset; @@ -153,11 +150,18 @@ _PUBLIC_ enum ndr_err_code ndr_pull_dns_string(struct ndr_pull *ndr, } /** - push a dns string to the wire + pull a dns_string from the wire */ -_PUBLIC_ enum ndr_err_code ndr_push_dns_string(struct ndr_push *ndr, +_PUBLIC_ enum ndr_err_code ndr_pull_dns_string(struct ndr_pull *ndr, int ndr_flags, - const char *s) + const char **s) +{ + return ndr_pull_dns_string_internal(ndr, ndr_flags, s); +} + +static enum ndr_err_code ndr_push_dns_string_internal(struct ndr_push *ndr, + int ndr_flags, + const char *s) { if (!(ndr_flags & NDR_SCALARS)) { return NDR_ERR_SUCCESS; @@ -231,6 +235,16 @@ _PUBLIC_ enum ndr_err_code ndr_push_dns_string(struct ndr_push *ndr, return ndr_push_bytes(ndr, (const uint8_t *)"", 1); } +/** + push a dns string to the wire +*/ +_PUBLIC_ enum ndr_err_code ndr_push_dns_string(struct ndr_push *ndr, + int ndr_flags, + const char *s) +{ + return ndr_push_dns_string_internal(ndr, ndr_flags, s); +} + _PUBLIC_ enum ndr_err_code ndr_pull_dns_txt_record(struct ndr_pull *ndr, int ndr_flags, struct dns_txt_record *r) { NDR_PULL_CHECK_FLAGS(ndr, ndr_flags); -- 2.8.1 From 00230ab4462e3b1d0356186c935e290a0ebc2651 Mon Sep 17 00:00:00 2001 From: Ralph Boehme Date: Sun, 15 May 2016 12:46:55 +0200 Subject: [PATCH 3/6] librpc/dns: add unique arg to ndr_push_dns_string_internal() Existing callers call ndr_push_dns_string_internal() with unique=false thus getting unmodified behaviour. Signed-off-by: Ralph Boehme --- librpc/ndr/ndr_dns.c | 49 ++++++++++++++++++++++++++----------------------- 1 file changed, 26 insertions(+), 23 deletions(-) diff --git a/librpc/ndr/ndr_dns.c b/librpc/ndr/ndr_dns.c index 7e06556..9888f55 100644 --- a/librpc/ndr/ndr_dns.c +++ b/librpc/ndr/ndr_dns.c @@ -161,7 +161,8 @@ _PUBLIC_ enum ndr_err_code ndr_pull_dns_string(struct ndr_pull *ndr, static enum ndr_err_code ndr_push_dns_string_internal(struct ndr_push *ndr, int ndr_flags, - const char *s) + const char *s, + bool unique) { if (!(ndr_flags & NDR_SCALARS)) { return NDR_ERR_SUCCESS; @@ -173,28 +174,30 @@ static enum ndr_err_code ndr_push_dns_string_internal(struct ndr_push *ndr, size_t complen; uint32_t offset; - /* see if we have pushed the remaining string already, - * if so we use a label pointer to this string - */ - ndr_err = ndr_token_retrieve_cmp_fn(&ndr->dns_string_list, s, - &offset, - (comparison_fn_t)strcmp, - false); - if (NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { - uint8_t b[2]; - - if (offset > 0x3FFF) { - return ndr_push_error(ndr, NDR_ERR_STRING, - "offset for dns string " \ - "label pointer " \ - "%u[%08X] > 0x00003FFF", - offset, offset); + if (!unique) { + /* see if we have pushed the remaining string already, + * if so we use a label pointer to this string + */ + ndr_err = ndr_token_retrieve_cmp_fn(&ndr->dns_string_list, s, + &offset, + (comparison_fn_t)strcmp, + false); + if (NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { + uint8_t b[2]; + + if (offset > 0x3FFF) { + return ndr_push_error(ndr, NDR_ERR_STRING, + "offset for dns string " \ + "label pointer " \ + "%u[%08X] > 0x00003FFF", + offset, offset); + } + + b[0] = 0xC0 | (offset>>8); + b[1] = (offset & 0xFF); + + return ndr_push_bytes(ndr, b, 2); } - - b[0] = 0xC0 | (offset>>8); - b[1] = (offset & 0xFF); - - return ndr_push_bytes(ndr, b, 2); } complen = strcspn(s, "."); @@ -242,7 +245,7 @@ _PUBLIC_ enum ndr_err_code ndr_push_dns_string(struct ndr_push *ndr, int ndr_flags, const char *s) { - return ndr_push_dns_string_internal(ndr, ndr_flags, s); + return ndr_push_dns_string_internal(ndr, ndr_flags, s, false); } _PUBLIC_ enum ndr_err_code ndr_pull_dns_txt_record(struct ndr_pull *ndr, int ndr_flags, struct dns_txt_record *r) -- 2.8.1 From e112564c2843063f58d71ad491e2683e6aa6e649 Mon Sep 17 00:00:00 2001 From: Ralph Boehme Date: Sun, 15 May 2016 12:59:52 +0200 Subject: [PATCH 4/6] librpc/dns: add dns_unique_string Some strings must not use DNS name compression. Signed-off-by: Ralph Boehme --- librpc/ndr/ndr_dns.c | 30 ++++++++++++++++++++++++++++++ librpc/ndr/ndr_dns.h | 9 +++++++++ 2 files changed, 39 insertions(+) diff --git a/librpc/ndr/ndr_dns.c b/librpc/ndr/ndr_dns.c index 9888f55..fb04f4d 100644 --- a/librpc/ndr/ndr_dns.c +++ b/librpc/ndr/ndr_dns.c @@ -47,6 +47,16 @@ _PUBLIC_ void ndr_print_dns_string(struct ndr_print *ndr, ndr_print_string(ndr, name, s); } +/** + print a dns string +*/ +_PUBLIC_ void ndr_print_dns_unique_string(struct ndr_print *ndr, + const char *name, + const char *s) +{ + ndr_print_string(ndr, name, s); +} + /* pull one component of a dns_string */ @@ -159,6 +169,16 @@ _PUBLIC_ enum ndr_err_code ndr_pull_dns_string(struct ndr_pull *ndr, return ndr_pull_dns_string_internal(ndr, ndr_flags, s); } +/** + pull a dns_unique_string from the wire +*/ +_PUBLIC_ enum ndr_err_code ndr_pull_dns_unique_string(struct ndr_pull *ndr, + int ndr_flags, + const char **s) +{ + return ndr_pull_dns_string_internal(ndr, ndr_flags, s); +} + static enum ndr_err_code ndr_push_dns_string_internal(struct ndr_push *ndr, int ndr_flags, const char *s, @@ -248,6 +268,16 @@ _PUBLIC_ enum ndr_err_code ndr_push_dns_string(struct ndr_push *ndr, return ndr_push_dns_string_internal(ndr, ndr_flags, s, false); } +/** + push a dns string to the wire +*/ +_PUBLIC_ enum ndr_err_code ndr_push_dns_unique_string(struct ndr_push *ndr, + int ndr_flags, + const char *s) +{ + return ndr_push_dns_string_internal(ndr, ndr_flags, s, true); +} + _PUBLIC_ enum ndr_err_code ndr_pull_dns_txt_record(struct ndr_pull *ndr, int ndr_flags, struct dns_txt_record *r) { NDR_PULL_CHECK_FLAGS(ndr, ndr_flags); diff --git a/librpc/ndr/ndr_dns.h b/librpc/ndr/ndr_dns.h index 16bf11b..51947aa 100644 --- a/librpc/ndr/ndr_dns.h +++ b/librpc/ndr/ndr_dns.h @@ -26,12 +26,21 @@ void ndr_print_dns_string(struct ndr_print *ndr, const char *name, const char *s); +void ndr_print_dns_unique_string(struct ndr_print *ndr, + const char *name, + const char *s); enum ndr_err_code ndr_pull_dns_string(struct ndr_pull *ndr, int ndr_flags, const char **s); enum ndr_err_code ndr_push_dns_string(struct ndr_push *ndr, int ndr_flags, const char *s); +enum ndr_err_code ndr_pull_dns_unique_string(struct ndr_pull *ndr, + int ndr_flags, + const char **s); +enum ndr_err_code ndr_push_dns_unique_string(struct ndr_push *ndr, + int ndr_flags, + const char *s); enum ndr_err_code ndr_push_dns_res_rec(struct ndr_push *ndr, int ndr_flags, const struct dns_res_rec *r); -- 2.8.1 From 1d8dfedc0b5a59c1c3bd3f26bd4110b2c6f40260 Mon Sep 17 00:00:00 2001 From: Ralph Boehme Date: Sat, 14 May 2016 19:08:51 +0200 Subject: [PATCH 5/6] librpc/dns: remove original_id from dns_fake_tsig_rec Cf RFC2845, 3.4.2. "TSIG Variables", the request id (original_id) is not used in the MAC calculation. Bug: https://bugzilla.samba.org/show_bug.cgi?id=11520 Signed-off-by: Ralph Boehme --- librpc/idl/dns.idl | 1 - source4/dns_server/dns_crypto.c | 3 --- 2 files changed, 4 deletions(-) diff --git a/librpc/idl/dns.idl b/librpc/idl/dns.idl index 5435fcf..8b01012 100644 --- a/librpc/idl/dns.idl +++ b/librpc/idl/dns.idl @@ -212,7 +212,6 @@ interface dns uint16 time_prefix; /* 0 until February 2106*/ uint32 time; uint16 fudge; - uint16 original_id; uint16 error; uint16 other_size; uint8 other_data[other_size]; diff --git a/source4/dns_server/dns_crypto.c b/source4/dns_server/dns_crypto.c index 3f199de..502887f 100644 --- a/source4/dns_server/dns_crypto.c +++ b/source4/dns_server/dns_crypto.c @@ -207,9 +207,6 @@ WERROR dns_verify_tsig(struct dns_server *dns, return WERR_NOMEM; } - /*FIXME: Why is there too much padding? */ - buffer_len -= 2; - /* Now we also need to count down the additional record counter */ arcount = RSVAL(buffer, 10); RSSVAL(buffer, 10, arcount-1); -- 2.8.1 From 2788228c3c8d42675f0477a80efb915416abb73e Mon Sep 17 00:00:00 2001 From: Ralph Boehme Date: Sat, 14 May 2016 19:18:42 +0200 Subject: [PATCH 6/6] s4/dns_server: use dns_unique_strings in TSIG response This doesn't seem to be documented anywhere, but in TSIG responses Windows DNS servers return full strings, not just string refs and Windows clients will fail TSIG MAC validation of we send string refs. Bug: https://bugzilla.samba.org/show_bug.cgi?id=11520 Signed-off-by: Ralph Boehme --- librpc/idl/dns.idl | 9 +++++++-- librpc/ndr/ndr_dns.c | 6 ++++-- source4/dns_server/dns_crypto.c | 10 +++++----- source4/dns_server/dns_query.c | 12 ++++++------ source4/dns_server/dns_update.c | 12 ++++++------ source4/dns_server/dns_utils.c | 2 +- 6 files changed, 29 insertions(+), 22 deletions(-) diff --git a/librpc/idl/dns.idl b/librpc/idl/dns.idl index 8b01012..b5e423d 100644 --- a/librpc/idl/dns.idl +++ b/librpc/idl/dns.idl @@ -192,7 +192,7 @@ interface dns } dns_tkey_record; typedef [public] struct { - dns_string algorithm_name; + dns_unique_string algorithm_name; uint16 time_prefix; /* 0 until February 2106*/ uint32 time; uint16 fudge; @@ -235,8 +235,13 @@ interface dns [default]; } dns_rdata; + typedef [nodiscriminant,public,flag(NDR_NOALIGN)] union { + [case(DNS_QTYPE_TSIG)] dns_unique_string name; + [default] dns_string name; + } dns_stringU; + typedef [flag(LIBNDR_PRINT_ARRAY_HEX|NDR_NOALIGN),nopush,nopull] struct { - dns_string name; + [switch_is(rr_type)] dns_stringU name; dns_qtype rr_type; dns_qclass rr_class; uint32 ttl; diff --git a/librpc/ndr/ndr_dns.c b/librpc/ndr/ndr_dns.c index fb04f4d..01549e7 100644 --- a/librpc/ndr/ndr_dns.c +++ b/librpc/ndr/ndr_dns.c @@ -312,7 +312,8 @@ _PUBLIC_ enum ndr_err_code ndr_push_dns_res_rec(struct ndr_push *ndr, LIBNDR_FLAG_NOALIGN); if (ndr_flags & NDR_SCALARS) { NDR_CHECK(ndr_push_align(ndr, 4)); - NDR_CHECK(ndr_push_dns_string(ndr, NDR_SCALARS, r->name)); + NDR_CHECK(ndr_push_set_switch_value(ndr, &r->name, r->rr_type)); + NDR_CHECK(ndr_push_dns_stringU(ndr, NDR_SCALARS, &r->name)); NDR_CHECK(ndr_push_dns_qtype(ndr, NDR_SCALARS, r->rr_type)); NDR_CHECK(ndr_push_dns_qclass(ndr, NDR_SCALARS, r->rr_class)); NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->ttl)); @@ -366,7 +367,8 @@ _PUBLIC_ enum ndr_err_code ndr_pull_dns_res_rec(struct ndr_pull *ndr, LIBNDR_FLAG_NOALIGN); if (ndr_flags & NDR_SCALARS) { NDR_CHECK(ndr_pull_align(ndr, 4)); - NDR_CHECK(ndr_pull_dns_string(ndr, NDR_SCALARS, &r->name)); + NDR_CHECK(ndr_pull_set_switch_value(ndr, &r->name, r->rr_type)); + NDR_CHECK(ndr_pull_dns_stringU(ndr, NDR_SCALARS, &r->name)); NDR_CHECK(ndr_pull_dns_qtype(ndr, NDR_SCALARS, &r->rr_type)); NDR_CHECK(ndr_pull_dns_qclass(ndr, NDR_SCALARS, &r->rr_class)); NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->ttl)); diff --git a/source4/dns_server/dns_crypto.c b/source4/dns_server/dns_crypto.c index 502887f..3b4fe87 100644 --- a/source4/dns_server/dns_crypto.c +++ b/source4/dns_server/dns_crypto.c @@ -36,8 +36,8 @@ static WERROR dns_copy_tsig(TALLOC_CTX *mem_ctx, struct dns_res_rec *old, struct dns_res_rec *new_rec) { - new_rec->name = talloc_strdup(mem_ctx, old->name); - W_ERROR_HAVE_NO_MEMORY(new_rec->name); + new_rec->name.name = talloc_strdup(mem_ctx, old->name.name); + W_ERROR_HAVE_NO_MEMORY(new_rec->name.name); new_rec->rr_type = old->rr_type; new_rec->rr_class = old->rr_class; @@ -144,7 +144,7 @@ WERROR dns_verify_tsig(struct dns_server *dns, packet->arcount--; - tkey = dns_find_tkey(dns->tkeys, state->tsig->name); + tkey = dns_find_tkey(dns->tkeys, state->tsig->name.name); if (tkey == NULL) { state->tsig_error = DNS_RCODE_BADKEY; return DNS_ERR(NOTAUTH); @@ -314,8 +314,8 @@ WERROR dns_sign_tsig(struct dns_server *dns, return ntstatus_to_werror(status); } - tsig->name = talloc_strdup(tsig, check_rec->name); - if (tsig->name == NULL) { + tsig->name.name = talloc_strdup(tsig, check_rec->name); + if (tsig->name.name == NULL) { return WERR_NOMEM; } tsig->rr_class = check_rec->rr_class; diff --git a/source4/dns_server/dns_query.c b/source4/dns_server/dns_query.c index c251430..b94859d 100644 --- a/source4/dns_server/dns_query.c +++ b/source4/dns_server/dns_query.c @@ -125,8 +125,8 @@ static WERROR add_response_rr(const char *name, return DNS_ERR(NOT_IMPLEMENTED); } - ans[ai].name = talloc_strdup(ans, name); - W_ERROR_HAVE_NO_MEMORY(ans[ai].name); + ans[ai].name.name = talloc_strdup(ans, name); + W_ERROR_HAVE_NO_MEMORY(ans[ai].name.name); ans[ai].rr_type = rec->wType; ans[ai].rr_class = DNS_QCLASS_IN; ans[ai].ttl = rec->dwTtlSeconds; @@ -156,14 +156,14 @@ static WERROR add_dns_res_rec(struct dns_res_rec **pdst, ZERO_STRUCT(dst[di]); dst[di] = (struct dns_res_rec) { - .name = talloc_strdup(dst, src->name), + .name.name = talloc_strdup(dst, src->name.name), .rr_type = src->rr_type, .rr_class = src->rr_class, .ttl = src->ttl, .length = src->length }; - if (dst[di].name == NULL) { + if (dst[di].name.name == NULL) { return WERR_NOMEM; } @@ -813,8 +813,8 @@ static WERROR handle_tkey(struct dns_server *dns, return WERR_NOMEM; } - ret_tkey->name = talloc_strdup(ret_tkey, in_tkey->name); - if (ret_tkey->name == NULL) { + ret_tkey->name.name = talloc_strdup(ret_tkey, in_tkey->name.name); + if (ret_tkey->name.name == NULL) { return WERR_NOMEM; } diff --git a/source4/dns_server/dns_update.c b/source4/dns_server/dns_update.c index 60a4b36..e5aad8e 100644 --- a/source4/dns_server/dns_update.c +++ b/source4/dns_server/dns_update.c @@ -63,12 +63,12 @@ static WERROR check_one_prerequisite(struct dns_server *dns, return DNS_ERR(FORMAT_ERROR); } - match = dns_name_match(zone->name, pr->name, &host_part_len); + match = dns_name_match(zone->name, pr->name.name, &host_part_len); if (!match) { return DNS_ERR(NOTZONE); } - werror = dns_name2dn(dns, mem_ctx, pr->name, &dn); + werror = dns_name2dn(dns, mem_ctx, pr->name.name, &dn); W_ERROR_NOT_OK_RETURN(werror); if (pr->rr_class == DNS_QCLASS_ANY) { @@ -239,7 +239,7 @@ static WERROR update_prescan(const struct dns_name_question *zone, for (i = 0; i < count; i++) { r = &updates[i]; - match = dns_name_match(zone->name, r->name, &host_part_len); + match = dns_name_match(zone->name, r->name.name, &host_part_len); if (!match) { return DNS_ERR(NOTZONE); } @@ -408,7 +408,7 @@ static WERROR handle_one_update(struct dns_server *dns, return DNS_ERR(NOT_IMPLEMENTED); } - werror = dns_name2dn(dns, mem_ctx, update->name, &dn); + werror = dns_name2dn(dns, mem_ctx, update->name.name, &dn); W_ERROR_NOT_OK_RETURN(werror); werror = dns_common_lookup(dns->samdb, mem_ctx, dn, @@ -551,7 +551,7 @@ static WERROR handle_one_update(struct dns_server *dns, return WERR_OK; } else if (update->rr_class == DNS_QCLASS_ANY) { if (update->rr_type == DNS_QTYPE_ALL) { - if (dns_name_equal(update->name, zone->name)) { + if (dns_name_equal(update->name.name, zone->name)) { for (i = first; i < rcount; i++) { if (recs[i].wType == DNS_TYPE_SOA) { @@ -575,7 +575,7 @@ static WERROR handle_one_update(struct dns_server *dns, } } - } else if (dns_name_equal(update->name, zone->name)) { + } else if (dns_name_equal(update->name.name, zone->name)) { if (update->rr_type == DNS_QTYPE_SOA) { return WERR_OK; diff --git a/source4/dns_server/dns_utils.c b/source4/dns_server/dns_utils.c index ce450b5..54e65ab 100644 --- a/source4/dns_server/dns_utils.c +++ b/source4/dns_server/dns_utils.c @@ -193,7 +193,7 @@ WERROR dns_generate_options(struct dns_server *dns, if (o == NULL) { return WERR_NOMEM; } - o->name = NULL; + o->name.name = NULL; o->rr_type = DNS_QTYPE_OPT; /* This is ugly, but RFC2671 wants the payload size in this field */ o->rr_class = (enum dns_qclass) dns->max_payload; -- 2.8.1