diff options
author | Andreas Schneider <asn@samba.org> | 2017-08-22 17:10:01 +0200 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 2017-09-05 23:58:20 +0200 |
commit | 3fa7c43ef73b6582e8985bf6d82465ffded9e5db (patch) | |
tree | 2511f5d780f4f03994ba9cfd737d583bac67280d /source4/dns_server | |
parent | 4c9608fb27b0f1bef846b72291ecb515045d3507 (diff) | |
download | samba-3fa7c43ef73b6582e8985bf6d82465ffded9e5db.tar.gz |
s4:bind_dlz: Use the 'binddns dir' if possible
The code makes sure we are backwards compatible. It will first check if
we still have files in the private directory, if yes it will use those.
If the the file is not in the private directory it will try the binddns
dir.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlet <abartlet@samba.org>
Diffstat (limited to 'source4/dns_server')
-rw-r--r-- | source4/dns_server/dlz_bind9.c | 44 |
1 files changed, 41 insertions, 3 deletions
diff --git a/source4/dns_server/dlz_bind9.c b/source4/dns_server/dlz_bind9.c index 6ef378c75a6..8e0820ddd77 100644 --- a/source4/dns_server/dlz_bind9.c +++ b/source4/dns_server/dlz_bind9.c @@ -682,11 +682,23 @@ _PUBLIC_ isc_result_t dlz_create(const char *dlzname, } if (state->options.url == NULL) { - state->options.url = lpcfg_private_path(state, state->lp, "dns/sam.ldb"); + state->options.url = lpcfg_private_path(state, + state->lp, + "dns/sam.ldb"); if (state->options.url == NULL) { result = ISC_R_NOMEMORY; goto failed; } + + if (!file_exist(state->options.url)) { + state->options.url = talloc_asprintf(state, + "%s/dns/sam.ldb", + lpcfg_binddns_dir(state->lp)); + if (state->options.url == NULL) { + result = ISC_R_NOMEMORY; + goto failed; + } + } } state->samdb = samdb_connect_url(state, state->ev_ctx, state->lp, @@ -1266,6 +1278,7 @@ _PUBLIC_ isc_boolean_t dlz_ssumatch(const char *signer, const char *name, const DATA_BLOB ap_req; struct cli_credentials *server_credentials; char *keytab_name; + char *keytab_file = NULL; int ret; int ldb_ret; NTSTATUS nt_status; @@ -1307,8 +1320,33 @@ _PUBLIC_ isc_boolean_t dlz_ssumatch(const char *signer, const char *name, const cli_credentials_set_krb5_context(server_credentials, state->smb_krb5_ctx); cli_credentials_set_conf(server_credentials, state->lp); - keytab_name = talloc_asprintf(tmp_ctx, "FILE:%s/dns.keytab", - lpcfg_private_dir(state->lp)); + keytab_file = talloc_asprintf(tmp_ctx, + "%s/dns.keytab", + lpcfg_private_dir(state->lp)); + if (keytab_file == NULL) { + state->log(ISC_LOG_ERROR, "samba_dlz: Out of memory!"); + talloc_free(tmp_ctx); + return ISC_FALSE; + } + + if (!file_exist(keytab_file)) { + keytab_file = talloc_asprintf(tmp_ctx, + "%s/dns.keytab", + lpcfg_binddns_dir(state->lp)); + if (keytab_file == NULL) { + state->log(ISC_LOG_ERROR, "samba_dlz: Out of memory!"); + talloc_free(tmp_ctx); + return ISC_FALSE; + } + } + + keytab_name = talloc_asprintf(tmp_ctx, "FILE:%s", keytab_file); + if (keytab_name == NULL) { + state->log(ISC_LOG_ERROR, "samba_dlz: Out of memory!"); + talloc_free(tmp_ctx); + return ISC_FALSE; + } + ret = cli_credentials_set_keytab_name(server_credentials, state->lp, keytab_name, CRED_SPECIFIED); if (ret != 0) { |