From 15965fbba3ed43c2a9ff20b4d1ebdc237547d13b Mon Sep 17 00:00:00 2001
From: Matthieu Patou <mat@matws.net>
Date: Mon, 1 Oct 2012 21:36:34 -0700
Subject: [PATCH] s4-dns: Ignore zones that shouldn't be returned currently

RootDNSServers should never be returned (Windows DNS server don't)
..TrustAnchors should never be returned as is, (Windows returns
TrustAnchors) and for the moment we don't support DNSSEC so we'd better
not return this zone.
---
 source4/dns_server/dns_server.c |   15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/source4/dns_server/dns_server.c b/source4/dns_server/dns_server.c
index b768feb..5be5379 100644
--- a/source4/dns_server/dns_server.c
+++ b/source4/dns_server/dns_server.c
@@ -832,7 +832,20 @@ static void dns_task_init(struct task_server *task)
 
 		z->name = ldb_msg_find_attr_as_string(res->msgs[i], "name", NULL);
 		z->dn = talloc_move(z, &res->msgs[i]->dn);
-
+		/*
+		 * Ignore the RootDNSServers zone and zones that we don't support yet
+		 * RootDNSServers should never be returned (Windows DNS server don't)
+		 * ..TrustAnchors should never be returned as is, (Windows returns
+		 * TrustAnchors) and for the moment we don't support DNSSEC so we'd better
+		 * not return this zone.
+		 */
+		if ((strcmp(z->name, "RootDNSServers") == 0) ||
+		    (strcmp(z->name, "..TrustAnchors") == 0))
+		{
+			DEBUG(10, ("Ignoring zone %s\n", z->name));
+			talloc_free(z);
+			continue;
+		}
 		DLIST_ADD_END(dns->zones, z, NULL);
 	}
 
-- 
1.7.9.5