Hello,

Do not delete whole node during PTR record synchronization.

https://fedorahosted.org/bind-dyndb-ldap/ticket/115

--
Petr Spacek
From 77a5a0e960cb902115cc33beef551e0385016cf4 Mon Sep 17 00:00:00 2001
From: Petr Spacek <pspa...@redhat.com>
Date: Thu, 18 Apr 2013 16:57:00 +0200
Subject: [PATCH] Do not delete whole node during PTR record synchronization.

https://fedorahosted.org/bind-dyndb-ldap/ticket/115

Signed-off-by: Petr Spacek <pspa...@redhat.com>
---
 src/ldap_helper.c | 23 ++++++++++++++++++-----
 1 file changed, 18 insertions(+), 5 deletions(-)

diff --git a/src/ldap_helper.c b/src/ldap_helper.c
index 155f04a4e4a7b904bfbd9ee534a6732560cb0a79..4d8fb084e6564597dd694a905d749870c8626c94 100644
--- a/src/ldap_helper.c
+++ b/src/ldap_helper.c
@@ -2922,6 +2922,8 @@ cleanup:
  * @param[in] ptr_name   Name of PTR record generated from IP address in A/AAAA.
  * @param[in] mod_op     LDAP_MOD_DELETE if A/AAAA record is being deleted
  *                       or LDAP_MOD_ADD if A/AAAA record is being added.
+ * @param[out] delete_node Will be set to ISC_TRUE if the database node
+ *                         is empty after PTR record deletion.
  *
  * @retval ISC_R_IGNORE  A and PTR records match, no change is required.
  * @retval ISC_R_SUCCESS Prerequisites fulfilled, update is allowed.
@@ -2935,7 +2937,7 @@ cleanup:
  * ; PTR update will be allowed if the zone contains following data:
  * www.example.com.		A	192.0.2.1
  * 1.2.0.192.in-addr.arpa. 	PTR	www.example.com.
-
+ *
  * ; PTR update will not be allowed if the zone contains following data:
  * www.example.com.		A	192.0.2.1
  * 1.2.0.192.in-addr.arpa. 	PTR	mail.example.com.
@@ -2955,7 +2957,7 @@ cleanup:
 static isc_result_t
 ldap_sync_ptr_validate(ldap_instance_t *ldap_inst, dns_name_t *a_name,
 		       const char *a_name_str, dns_name_t *ptr_name,
-		       int mod_op) {
+		       int mod_op, isc_boolean_t *delete_node) {
 	isc_result_t result;
 	isc_mem_t *mctx = ldap_inst->mctx;
 
@@ -3024,6 +3026,7 @@ ldap_sync_ptr_validate(ldap_instance_t *ldap_inst, dns_name_t *a_name,
 		}
 	}
 
+	*delete_node = ISC_FALSE;
 	if (mod_op == LDAP_MOD_DELETE) {
 		if (ptr_found == ISC_FALSE) {
 			log_debug(3, SYNCPTR_FMTPRE "skipped: no PTR records "
@@ -3037,6 +3040,13 @@ ldap_sync_ptr_validate(ldap_instance_t *ldap_inst, dns_name_t *a_name,
 				  SYNCPTR_FMTPOST, ptr_name_str, ptr_rdata_str,
 				  a_name_str);
 			CLEANUP_WITH(ISC_R_UNEXPECTEDTOKEN);
+
+		} else if (HEAD(ldap_rdlist) == TAIL(ldap_rdlist)) {
+			/* Exactly one PTR record was found and rdlist contains
+			 * exactly one RRset, so the deleted PTR record
+			 * is the only RR in the node. */
+			REQUIRE(HEAD(ldap_rdlist)->type == dns_rdatatype_ptr);
+			*delete_node = ISC_TRUE;
 		}
 
 	} else if (mod_op == LDAP_MOD_ADD && ptr_found == ISC_TRUE) {
@@ -3066,7 +3076,7 @@ cleanup:
 
 static isc_result_t
 ldap_sync_ptr(ldap_instance_t *ldap_inst, dns_name_t *a_name,
-		const char *ip_str, int mod_op, isc_boolean_t delete_node) {
+		const char *ip_str, int mod_op) {
 	isc_result_t result;
 	isc_mem_t *mctx = ldap_inst->mctx;
 
@@ -3083,6 +3093,8 @@ ldap_sync_ptr(ldap_instance_t *ldap_inst, dns_name_t *a_name,
 	settings_set_t *zone_settings = NULL;
 	isc_boolean_t zone_dyn_update;
 
+	isc_boolean_t delete_node;
+
 	dns_name_init(&zone_name, NULL);
 	dns_fixedname_init(&ptr_name);
 	CHECK(str_new(mctx, &ptr_dn));
@@ -3119,7 +3131,8 @@ ldap_sync_ptr(ldap_instance_t *ldap_inst, dns_name_t *a_name,
 	}
 
 	result = ldap_sync_ptr_validate(ldap_inst, a_name, a_name_str,
-					dns_fixedname_name(&ptr_name), mod_op);
+					dns_fixedname_name(&ptr_name), mod_op,
+					&delete_node);
 	if (result == ISC_R_IGNORE)
 		CLEANUP_WITH(ISC_R_SUCCESS);
 	else if (result != ISC_R_SUCCESS)
@@ -3242,7 +3255,7 @@ modify_ldap_common(dns_name_t *owner, ldap_instance_t *ldap_inst,
 		log_debug(3, "sync PTR is enabled for zone '%s'", zone_dn);
 
 		result = ldap_sync_ptr(ldap_inst, owner, change[0]->mod_values[0],
-					 mod_op, delete_node);
+				       mod_op);
 	}
 
 cleanup:
-- 
1.7.11.7

_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to