Hello, Replace TTL values > 2^31-1 with 0.
The rule comes from RFC 2181 section 8. https://fedorahosted.org/bind-dyndb-ldap/ticket/117 -- Petr^2 Spacek
From c871eb74dcb1842a96d0d5a5332db0bd33bb5167 Mon Sep 17 00:00:00 2001 From: Petr Spacek <pspa...@redhat.com> Date: Tue, 30 Apr 2013 15:41:40 +0200 Subject: [PATCH] Replace TTL values > 2^31-1 with 0. The rule comes from RFC 2181 section 8. https://fedorahosted.org/bind-dyndb-ldap/ticket/117 Signed-off-by: Petr Spacek <pspa...@redhat.com> --- src/ldap_entry.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/ldap_entry.c b/src/ldap_entry.c index 3e82b39d31c7ed13255de61d0763800b4d01efef..0061b058885d054987adb75f1a2596e87557eabb 100644 --- a/src/ldap_entry.c +++ b/src/ldap_entry.c @@ -504,6 +504,11 @@ ldap_entry_getttl(const ldap_entry_t *entry) result = dns_ttl_fromtext(&ttl_text, &ttl); if (result != ISC_R_SUCCESS) return DEFAULT_TTL; + else if (ttl > 0x7fffffffUL) { + log_error("entry '%s': entry TTL %u > MAXTTL, setting TTL to 0", + entry->dn, ttl); + ttl = 0; + } return ttl; } -- 1.7.11.7
_______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel