diff options
author | Julien ROPÉ <jrope@linagora.com> | 2018-11-23 15:56:59 +0100 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 2021-06-11 19:28:10 +0000 |
commit | 0ec865d979540a63362a2014358c8bb27efc0081 (patch) | |
tree | 2d8bcc534afc10d30d529213d194edc717216a61 /WHATSNEW.txt | |
parent | 4f20d310af2bb1f96dea4810a7130492cc4cfc55 (diff) | |
download | samba-0ec865d979540a63362a2014358c8bb27efc0081.tar.gz |
Fix for https://bugzilla.samba.org/show_bug.cgi?id=9634
Add an option to smb.conf to list authorized zone transfer clients.
Implement restriction in dlz_bind9 module to allow transfers only to selected IPs.
Deny zone transfer by default in dlz_bind9.
Adds test for the restriction in DNZ zone transfer clients.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9634
Signed-off-by: Julien ROPÉ <jrope@linagora.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jun 11 19:28:10 UTC 2021 on sn-devel-184
Diffstat (limited to 'WHATSNEW.txt')
-rw-r--r-- | WHATSNEW.txt | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 1e407da422e..b28722c6f92 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -36,6 +36,15 @@ See also GPG_AA99442FB680B620_replaces_6F33915B6568B7EA.txt NEW FEATURES/CHANGES ==================== +- bind DLZ: Added the ability to set allow/deny lists for zone + transfer clients. + Up to now, any client could use a DNS zone transfer request + to the bind server, and get an answer from Samba. + Now the default behaviour will be to deny those request. + Two new options have been added to manage the list of + authorized/denied clients for zone transfer requests. + In order to be accepted, the request must be issued by a client + that is in the allow list and NOT in the deny list. |