Re: [Freeipa-devel] [PATCH 0259] Fix run-time zone addition for invalid secure zones

2014-11-03 Thread Petr Spacek 

On 17.6.2014 16:40, Tomas Hozza wrote:

- Original Message -

Hello,

Fix run-time zone addition for invalid secure zones.

It is important*not*  to delete invalid zones to prevent
ldap_parse_master_zoneentry() from entering infinite cycle.

Zone addition in ldap_parse_master_zoneentry() enforces serial
write-back to LDAP. This write generates LDAP modify event which
again triggers ldap_parse_master_zoneentry() and so on.

https://fedorahosted.org/bind-dyndb-ldap/ticket/56

--
Petr^2  Spacek


Looks good.

ACK.


This is delayed push notice:
8fe1300f4e512a62cf9e5c3038538d52c176fa29

--
Petr^2 Spacek

___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH 0259] Fix run-time zone addition for invalid secure zones

2014-06-17 Thread Tomas Hozza 
- Original Message -
 Hello,
 
 Fix run-time zone addition for invalid secure zones.
 
 It is important *not* to delete invalid zones to prevent
 ldap_parse_master_zoneentry() from entering infinite cycle.
 
 Zone addition in ldap_parse_master_zoneentry() enforces serial
 write-back to LDAP. This write generates LDAP modify event which
 again triggers ldap_parse_master_zoneentry() and so on.
 
 https://fedorahosted.org/bind-dyndb-ldap/ticket/56
 
 --
 Petr^2 Spacek
 

Looks good.

ACK.

Regards,
-- 
Tomas Hozza
Software Engineer - EMEA ENG Developer Experience

PGP: 1D9F3C2D
Red Hat Inc.   http://cz.redhat.com

___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

[Freeipa-devel] [PATCH 0259] Fix run-time zone addition for invalid secure zones

2014-06-03 Thread Petr Spacek 

Hello,

Fix run-time zone addition for invalid secure zones.

It is important *not* to delete invalid zones to prevent
ldap_parse_master_zoneentry() from entering infinite cycle.

Zone addition in ldap_parse_master_zoneentry() enforces serial
write-back to LDAP. This write generates LDAP modify event which
again triggers ldap_parse_master_zoneentry() and so on.

https://fedorahosted.org/bind-dyndb-ldap/ticket/56

--
Petr^2 Spacek
From 5a7b999d6e504ede87311a3b8a43f31751f58185 Mon Sep 17 00:00:00 2001
From: Petr Spacek pspa...@redhat.com
Date: Tue, 3 Jun 2014 13:05:51 +0200
Subject: [PATCH] Fix run-time zone addition for invalid secure zones.

It is important *not* to delete invalid zones to prevent
ldap_parse_master_zoneentry() from entering infinite cycle.

Zone addition in ldap_parse_master_zoneentry() enforces serial
write-back to LDAP. This write generates LDAP modify event which
again triggers ldap_parse_master_zoneentry() and so on.

https://fedorahosted.org/bind-dyndb-ldap/ticket/56
---
 src/ldap_helper.c | 5 -
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/ldap_helper.c b/src/ldap_helper.c
index 0b4f37678eda0961d17dfced92b89642047737f6..7b8ea86b3f8fccdbcebc6ee50aaad8438ebb984b 100644
--- a/src/ldap_helper.c
+++ b/src/ldap_helper.c
@@ -2218,6 +2218,7 @@ ldap_parse_master_zoneentry(ldap_entry_t *entry, ldap_instance_t *inst,
 	isc_boolean_t unlock = ISC_FALSE;
 	isc_boolean_t new_zone = ISC_FALSE;
 	isc_boolean_t want_secure = ISC_FALSE;
+	isc_boolean_t configured = ISC_FALSE;
 	settings_set_t *zone_settings = NULL;
 	isc_boolean_t ldap_writeback;
 	isc_boolean_t data_changed = ISC_FALSE; /* GCC */
@@ -2337,6 +2338,7 @@ ldap_parse_master_zoneentry(ldap_entry_t *entry, ldap_instance_t *inst,
 		if (new_zone == ISC_TRUE) {
 			toview = (want_secure == ISC_TRUE) ? secure : raw;
 			CHECK(publish_zone(task, inst, toview));
+			configured = ISC_TRUE;
 		}
 		if (data_changed == ISC_TRUE)
 			CHECK(load_zone(secure));
@@ -2352,7 +2354,8 @@ cleanup:
 		dns_journal_destroy(journal);
 	if (ldapdb != NULL)
 		dns_db_detach(ldapdb);
-	if (new_zone  result != ISC_R_SUCCESS) {
+	if (new_zone == ISC_TRUE  configured == ISC_FALSE 
+	result != ISC_R_SUCCESS) {
 		/* Failure in ACL parsing or so. */
 		log_error_r(zone '%s': publishing failed, rolling back due to,
 			entry-dn);
-- 
1.9.3

___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel