From 61a07df824f2231609b2b3bd157e995f623425a3 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Tue, 11 Sep 2012 20:59:51 +1000 Subject: [PATCH] dns_server: Attempt to SET and UNSET the sessionInfo to match the incoming user This avoids re-opening the DB as the correct user, but applies all the right ACLs and resulting owner. This needs a bit more testing... Andrew Bartlett Signed-off-by: Stefan Metzmacher Signed-off-by: Kai Blin --- source4/dns_server/dns_update.c | 26 ++++++++++++++++++++++++-- 1 file changed, 24 insertions(+), 2 deletions(-) diff --git a/source4/dns_server/dns_update.c b/source4/dns_server/dns_update.c index aa80b52bdd7..76d263b63d9 100644 --- a/source4/dns_server/dns_update.c +++ b/source4/dns_server/dns_update.c @@ -664,12 +664,22 @@ static WERROR handle_updates(struct dns_server *dns, uint16_t ri; TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx); + if (tkey != NULL) { + ret = ldb_set_opaque(dns->samdb, "sessionInfo", tkey->session_info); + if (ret != LDB_SUCCESS) { + DEBUG(1, ("unable to set session info\n")); + werror = DNS_ERR(SERVER_FAILURE); + goto failed; + } + } + werror = dns_name2dn(dns, tmp_ctx, zone->name, &zone_dn); - W_ERROR_NOT_OK_RETURN(werror); + W_ERROR_NOT_OK_GOTO(werror, failed); ret = ldb_transaction_start(dns->samdb); if (ret != LDB_SUCCESS) { - return DNS_ERR(SERVER_FAILURE); + werror = DNS_ERR(SERVER_FAILURE); + goto failed; } werror = check_prerequisites(dns, tmp_ctx, zone, prereqs, pcount); @@ -685,10 +695,22 @@ static WERROR handle_updates(struct dns_server *dns, ldb_transaction_commit(dns->samdb); TALLOC_FREE(tmp_ctx); + + if (tkey != NULL) { + ldb_set_opaque(dns->samdb, "sessionInfo", + system_session(dns->task->lp_ctx)); + } + return WERR_OK; failed: ldb_transaction_cancel(dns->samdb); + + if (tkey != NULL) { + ldb_set_opaque(dns->samdb, "sessionInfo", + system_session(dns->task->lp_ctx)); + } + TALLOC_FREE(tmp_ctx); return werror; -- 2.11.4.GIT