s4:dns_server: also search DNS_QTYPE_TKEY in the answers section if it's the last...
authorStefan Metzmacher <metze@samba.org>
Thu, 30 May 2024 12:41:21 +0000 (14:41 +0200)
committerJule Anger <janger@samba.org>
Wed, 3 Jul 2024 08:48:12 +0000 (08:48 +0000)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13019

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 5906ed94f2c5c68e83c63e7c201534eeb323cfe7)

selftest/knownfail.d/dns_tkey
source4/dns_server/dns_query.c

index 8ce60f8507c5276ca046340b22754a307accd667..12c38d83b972140979ccae52be23b5b489a191fe 100644 (file)
@@ -1,7 +1,6 @@
 ^samba.tests.dns_tkey.__main__.TestDNSUpdates.test_update_tsig_bad_keyname.fl2008r2dc
 ^samba.tests.dns_tkey.__main__.TestDNSUpdates.test_update_tsig_bad_mac.fl2008r2dc
 ^samba.tests.dns_tkey.__main__.TestDNSUpdates.test_update_gss_tsig_tkey_req_answers.fl2008r2dc
-^samba.tests.dns_tkey.__main__.TestDNSUpdates.test_update_gss_microsoft_com_tkey_req_answers.fl2008r2dc
 ^samba.tests.dns_tkey.__main__.TestDNSUpdates.test_update_tsig_bad_algorithm.fl2008r2dc
 ^samba.tests.dns_tkey.__main__.TestDNSUpdates.test_update_tsig_changed_algorithm1.fl2008r2dc
 ^samba.tests.dns_tkey.__main__.TestDNSUpdates.test_update_gss_tsig_tkey_req_additional.fl2008r2dc
index 3ac3cd4b2b19d413c6ac8c3330fb295d8e403ad1..1f46ee0aa197e2f510c066e38e421998c35c8f26 100644 (file)
@@ -799,12 +799,22 @@ static WERROR handle_tkey(struct dns_server *dns,
 {
        struct dns_res_rec *in_tkey = NULL;
        struct dns_res_rec *ret_tkey;
-       uint16_t i;
 
-       for (i = 0; i < in->arcount; i++) {
+       /*
+        * TKEY needs to we the last one in
+        * additional or answers
+        */
+       if (in->arcount >= 1) {
+               uint16_t i = in->arcount - 1;
                if (in->additional[i].rr_type == DNS_QTYPE_TKEY) {
                        in_tkey = &in->additional[i];
-                       break;
+               }
+       } else if (in->nscount >= 1) {
+               /* no lookup */
+       } else if (in->ancount >= 1) {
+               uint16_t i = in->ancount - 1;
+               if (in->answers[i].rr_type == DNS_QTYPE_TKEY) {
+                       in_tkey = &in->answers[i];
                }
        }
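Review bot: The new comment above the `if (in->arcount >= 1)` chain has a typo ("needs to we") and does not explain why the `in->nscount >= 1` branch is empty, which is the part a reader of this parser for client-supplied packets most needs. As written, the chain inspects only the final record of the last non-empty section, so a TKEY in `in->answers` is ignored whenever an authority or additional record follows it. If that is the intent, state it, e.g. `/* TKEY must be the last record of the packet: check the tail of additional, else (with no authority records) the tail of answers */`, and replace `/* no lookup */` with `/* authority records follow the answers, so a TKEY there is not last */`. The handling of `in_tkey == NULL` is outside the hunk, as is the rest of handle_tkey's body, so whether a packet with no trailing TKEY is rejected cannot be confirmed from the visible lines.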