Re: [Freeipa-devel] [PATCH 0258] Fix run-time zone addition for secure zones

Wed, 04 Jun 2014 08:36:14 -0700 

On 3.6.2014 10:53, Petr Spacek wrote:

Hello,

Fix run-time zone addition for secure zones.


Here comes fix for the fix ...

We really need a test-suite for bind-dyndb-ldap.


https://fedorahosted.org/bind-dyndb-ldap/ticket/56


--
Petr^2 Spacek

From d2b59b0e0a6d175602d36b8c01b1f54d3b64e11a Mon Sep 17 00:00:00 2001
From: Petr Spacek <pspa...@redhat.com>
Date: Mon, 2 Jun 2014 18:07:26 +0200
Subject: [PATCH] Fix run-time zone addition for secure zones.

https://fedorahosted.org/bind-dyndb-ldap/ticket/56
---
 src/ldap_helper.c | 16 ++++++++++------
 1 file changed, 10 insertions(+), 6 deletions(-)

diff --git a/src/ldap_helper.c b/src/ldap_helper.c
index 1e2d9a983504d5bc29f577c5bfbdbde407ebc380..cdf62588b1058a09885883bdaa4b67edde1b2792 100644
--- a/src/ldap_helper.c
+++ b/src/ldap_helper.c
@@ -2213,6 +2213,7 @@ ldap_parse_master_zoneentry(ldap_entry_t *entry, ldap_instance_t *inst,
 	dns_name_t name;
 	dns_zone_t *raw = NULL;
 	dns_zone_t *secure = NULL;
+	dns_zone_t *toview = NULL;
 	isc_result_t result;
 	isc_boolean_t unlock = ISC_FALSE;
 	isc_boolean_t new_zone = ISC_FALSE;
@@ -2292,13 +2293,10 @@ ldap_parse_master_zoneentry(ldap_entry_t *entry, ldap_instance_t *inst,
 	CHECK(zr_get_zone_settings(inst->zone_register, &name, &zone_settings));
 	CHECK(zone_master_reconfigure(entry, zone_settings, raw, secure, task));
 
-	sync_state_get(inst->sctx, &sync_state);
-	if (new_zone == ISC_TRUE && sync_state == sync_finished)
-		CHECK(publish_zone(task, inst, raw));
-
 	/* synchronize zone origin with LDAP */
 	CHECK(zr_get_zone_dbs(inst->zone_register, &name, &ldapdb, &rbtdb));
 	CHECK(dns_db_newversion(ldapdb, &version));
+	sync_state_get(inst->sctx, &sync_state);
 	CHECK(zone_sync_apex(inst, entry, name, sync_state, new_zone,
 			     ldapdb, rbtdb, version,
 			     &diff, &new_serial, &ldap_writeback,
@@ -2335,8 +2333,14 @@ ldap_parse_master_zoneentry(ldap_entry_t *entry, ldap_instance_t *inst,
 	}
 
 	/* Do zone load only if the initial LDAP synchronization is done. */
-	if (sync_state == sync_finished && data_changed == ISC_TRUE)
-		CHECK(load_zone(secure));
+	if (sync_state == sync_finished) {
+		toview = (want_secure == ISC_TRUE) ? secure : raw;
+		if (new_zone == ISC_TRUE) {
+			CHECK(publish_zone(task, inst, toview));
+		}
+		if (data_changed == ISC_TRUE)
+			CHECK(load_zone(toview));
+	}
 
 cleanup:
 	dns_diff_clear(&diff);
-- 
1.9.3


_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to