On 3.6.2014 10:53, Petr Spacek wrote:
Hello,
Fix run-time zone addition for secure zones.
Here comes fix for the fix ...
We really need a test-suite for bind-dyndb-ldap.
https://fedorahosted.org/bind-dyndb-ldap/ticket/56
--
Petr^2 Spacek
From d2b59b0e0a6d175602d36b8c01b1f54d3b64e11a Mon Sep 17 00:00:00 2001
From: Petr Spacek <pspa...@redhat.com>
Date: Mon, 2 Jun 2014 18:07:26 +0200
Subject: [PATCH] Fix run-time zone addition for secure zones.
https://fedorahosted.org/bind-dyndb-ldap/ticket/56
---
src/ldap_helper.c | 16 ++++++++++------
1 file changed, 10 insertions(+), 6 deletions(-)
diff --git a/src/ldap_helper.c b/src/ldap_helper.c
index 1e2d9a983504d5bc29f577c5bfbdbde407ebc380..cdf62588b1058a09885883bdaa4b67edde1b2792 100644
--- a/src/ldap_helper.c
+++ b/src/ldap_helper.c
@@ -2213,6 +2213,7 @@ ldap_parse_master_zoneentry(ldap_entry_t *entry, ldap_instance_t *inst,
dns_name_t name;
dns_zone_t *raw = NULL;
dns_zone_t *secure = NULL;
+ dns_zone_t *toview = NULL;
isc_result_t result;
isc_boolean_t unlock = ISC_FALSE;
isc_boolean_t new_zone = ISC_FALSE;
@@ -2292,13 +2293,10 @@ ldap_parse_master_zoneentry(ldap_entry_t *entry, ldap_instance_t *inst,
CHECK(zr_get_zone_settings(inst->zone_register, &name, &zone_settings));
CHECK(zone_master_reconfigure(entry, zone_settings, raw, secure, task));
- sync_state_get(inst->sctx, &sync_state);
- if (new_zone == ISC_TRUE && sync_state == sync_finished)
- CHECK(publish_zone(task, inst, raw));
-
/* synchronize zone origin with LDAP */
CHECK(zr_get_zone_dbs(inst->zone_register, &name, &ldapdb, &rbtdb));
CHECK(dns_db_newversion(ldapdb, &version));
+ sync_state_get(inst->sctx, &sync_state);
CHECK(zone_sync_apex(inst, entry, name, sync_state, new_zone,
ldapdb, rbtdb, version,
&diff, &new_serial, &ldap_writeback,
@@ -2335,8 +2333,14 @@ ldap_parse_master_zoneentry(ldap_entry_t *entry, ldap_instance_t *inst,
}
/* Do zone load only if the initial LDAP synchronization is done. */
- if (sync_state == sync_finished && data_changed == ISC_TRUE)
- CHECK(load_zone(secure));
+ if (sync_state == sync_finished) {
+ toview = (want_secure == ISC_TRUE) ? secure : raw;
+ if (new_zone == ISC_TRUE) {
+ CHECK(publish_zone(task, inst, toview));
+ }
+ if (data_changed == ISC_TRUE)
+ CHECK(load_zone(toview));
+ }
cleanup:
dns_diff_clear(&diff);
--
1.9.3
_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel