890 |
890 |
return ISC_R_SUCCESS;
|
891 |
891 |
}
|
892 |
892 |
|
|
893 |
|
893 |
894 |
/*
|
894 |
895 |
lookup one record
|
895 |
896 |
*/
|
... | ... | |
907 |
908 |
return dlz_lookup_types(state, zone, name, lookup, NULL);
|
908 |
909 |
}
|
909 |
910 |
|
910 |
|
|
911 |
911 |
/*
|
912 |
912 |
see if a zone transfer is allowed
|
913 |
913 |
*/
|
914 |
914 |
_PUBLIC_ isc_result_t dlz_allowzonexfr(void *dbdata, const char *name, const char *client)
|
915 |
915 |
{
|
916 |
|
/* just say yes for all our zones for now */
|
917 |
916 |
struct dlz_bind9_data *state = talloc_get_type(
|
918 |
917 |
dbdata, struct dlz_bind9_data);
|
919 |
|
return b9_find_zone_dn(state, name, NULL, NULL);
|
|
918 |
isc_result_t ret ;
|
|
919 |
const char **authorized_clients ;
|
|
920 |
unsigned int i ;
|
|
921 |
|
|
922 |
/* check that the zone is known */
|
|
923 |
ret = b9_find_zone_dn(state, name, NULL, NULL);
|
|
924 |
if (ret == ISC_R_SUCCESS) {
|
|
925 |
authorized_clients = lpcfg_dns_zone_transfer_clients(state->lp) ;
|
|
926 |
if (authorized_clients) {
|
|
927 |
state->log(ISC_LOG_INFO, "samba_dlz: checking if client is authorized for zone transfer") ;
|
|
928 |
|
|
929 |
/* if the option is not set, default is to accept all transfers
|
|
930 |
if the option is set, default is to accept only the selected IPs */
|
|
931 |
ret = ISC_R_NOPERM ;
|
|
932 |
for (i = 0; authorized_clients && authorized_clients[i] ; i++) {
|
|
933 |
state->log(ISC_LOG_INFO, "samba_dlz: comparing to %s", authorized_clients[i]) ;
|
|
934 |
if (strcmp(authorized_clients[i], client) == 0) {
|
|
935 |
state->log(ISC_LOG_INFO, "samba_dlz: accepting IP %s", client) ;
|
|
936 |
ret = ISC_R_SUCCESS ;
|
|
937 |
break ;
|
|
938 |
}
|
|
939 |
}
|
|
940 |
}
|
|
941 |
}
|
|
942 |
return ret ;
|
920 |
943 |
}
|
921 |
944 |
|
922 |
945 |
/*
|