[Freeipa-devel] [PATCH] Bugfixes for bind-dyndb-ldap

2010-12-15 Thread Adam Tkac
/show_bug.cgi?id=622617 If noone has objections I will push patches till end of the week. Regards, Adam -- Adam Tkac, Red Hat, Inc. From d7a0d0544385376fb31d9f59860dc80b3c61e244 Mon Sep 17 00:00:00 2001 From: Adam Tkac at...@redhat.com Date: Wed, 15 Dec 2010 14:59:16 +0100 Subject: [PATCH 1/4

[Freeipa-devel] [PATCH] Fix handling of ANY queries in bind-dyndb-ldap

2010-12-21 Thread Adam Tkac
. 86400 IN A 172.29.255.254 idns.example.com. 86400 IN A 172.30.0.32 --- Regards, Adam -- Adam Tkac, Red Hat, Inc. From 1d7f44970bca635b4ed5a9ccd8521a3da6ae31fc Mon Sep 17 00:00:00 2001 From: Adam Tkac at...@redhat.com Date: Tue, 21 Dec 2010 18:21:29 +0100

Re: [Freeipa-devel] [PATCH] bynd-dyndb-ldap: Add separate keytab principal option

2011-01-03 Thread Adam Tkac
-krb5_keytab)); UNLOCK(ldap_inst-kinit_lock); if (result != ISC_R_SUCCESS) -- 1.7.3.3 -- Adam Tkac, Red Hat, Inc. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman

Re: [Freeipa-devel] [PATCH] Fix handling of ANY queries in bind-dyndb-ldap

2011-01-03 Thread Adam Tkac
handy ? Yes, I have Fedora 14 test machine with bind-dyndb-ldap OpenLDAP and I verified the patch works well. Feel free to ask me off-list if you need access to the machine. Regards, Adam -- Adam Tkac, Red Hat, Inc. ___ Freeipa-devel mailing list

[Freeipa-devel] [PATCH] bind-dyndb-ldap: New idnsAllowQuery and idnsAllowTransfer zone attributes

2011-01-10 Thread Adam Tkac
: 192.168.1.0/24 With this setting clients with 127.0.0.1 and ::1 IP addresses and clients from 192.168.1.0/24 network are allowed to obtain resource records from the zone. Comments are welcomed. Regards, Adam -- Adam Tkac, Red Hat, Inc. From bd14752e94a8d72d1c4d57167b3ad8e4be1e6e00 Mon Sep 17 00:00:00

Re: [Freeipa-devel] [PATCH] bind-dyndb-ldap: New idnsAllowQuery and idnsAllowTransfer zone attributes

2011-01-10 Thread Adam Tkac
On Mon, Jan 10, 2011 at 09:24:40AM -0500, Simo Sorce wrote: On Mon, 10 Jan 2011 12:28:51 +0100 Adam Tkac at...@redhat.com wrote: the attached patch adds new attributes, idnsAllowQuery and idnsAllowTransfer, for the idnsZone. With those attributes it is now possible to set ACLs

Re: [Freeipa-devel] [PATCH] bind-dyndb-ldap: new parameter timeout

2011-01-10 Thread Adam Tkac
On Mon, Jan 10, 2011 at 05:26:04PM +0100, Jakub Hrozek wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 01/10/2011 04:36 PM, Adam Tkac wrote: On Mon, Jan 10, 2011 at 04:04:17PM +0100, Jakub Hrozek wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 01/06/2011 06:23 PM

[Freeipa-devel] [PATCH] bind-dyndb-ldap: Don't leave empty nodes in LDAP after DDNS update

2011-01-12 Thread Adam Tkac
, Adam -- Adam Tkac, Red Hat, Inc. From 03f770ee1fa781092395c06f4f7dd2059e90 Mon Sep 17 00:00:00 2001 From: Adam Tkac at...@redhat.com Date: Mon, 10 Jan 2011 15:25:40 +0100 Subject: [PATCH] Delete node from LDAP if there is no RR associated with the name. If the last DNS resource record

[Freeipa-devel] [PATCH] bind-dyndb-ldap: Don't quit when initial connection to LDAP fails

2011-01-12 Thread Adam Tkac
zones stored in LDAP. Comments are welcomed. Regards, Adam -- Adam Tkac, Red Hat, Inc. From 42e1c6218ced6678ff7266a937108c058e3531bd Mon Sep 17 00:00:00 2001 From: Adam Tkac at...@redhat.com Date: Wed, 12 Jan 2011 16:19:10 +0100 Subject: [PATCH] Don't quit when initial connection to LDAP fails

Re: [Freeipa-devel] [PATCH] bind-dyndb-ldap: Don't quit when initial connection to LDAP fails

2011-01-12 Thread Adam Tkac
On Wed, Jan 12, 2011 at 12:17:51PM -0500, Simo Sorce wrote: On Wed, 12 Jan 2011 16:24:06 +0100 Adam Tkac at...@redhat.com wrote: as written in https://bugzilla.redhat.com/show_bug.cgi?id=662930 some people use OpenLDAP BIND running on one machine. In this case BIND is started before

Re: [Freeipa-devel] [PATCH] bind-dyndb-ldap: Don't leave empty nodes in LDAP after DDNS update

2011-01-12 Thread Adam Tkac
On Wed, Jan 12, 2011 at 01:15:36PM -0500, Stephen Gallagher wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 01/12/2011 07:37 AM, Adam Tkac wrote: Hello, bind-dyndb-ldap currently leaves empty nodes in LDAP when the last DNS resource record associated with the node was removed

Re: [Freeipa-devel] [PATCH] 47 Validate that the reverse DNS record is correct

2011-02-17 Thread Adam Tkac
On Wed, Feb 16, 2011 at 05:26:55PM +0100, Jan Zeleny wrote: Adam Tkac at...@redhat.com wrote: On Wed, Feb 16, 2011 at 10:53:14AM +0100, Jan Zelený wrote: This patch ensures that PTR records added by FreeIPA are compliant with RFC. Nack. In my opinion the _ptrrecord_pre_callback

[Freeipa-devel] [bind-dyndb-ldap] Add support for loading new zones from LDAP

2011-05-17 Thread Adam Tkac
delete zone from LDAP, plugin still doesn't recognize it. Regards, Adam From 61a73c696f7d77e73f5b705c7364adf1f5b53d72 Mon Sep 17 00:00:00 2001 From: Adam Tkac at...@redhat.com Date: Tue, 17 May 2011 13:59:06 +0200 Subject: [PATCH 11/13] Freeze server when changing zones and don't hold

[Freeipa-devel] [PATCH] bind-dyndb-ldap: allow to specify boolean yes/no config params

2011-07-26 Thread Adam Tkac
Hello, attached patch improves settings code to handle boolean yes/no parameters. Comments are welcomed. Regards, Adam From 2e21de21d5c7b67f6117689f401234d65bfe59fd Mon Sep 17 00:00:00 2001 From: Adam Tkac at...@redhat.com Date: Wed, 29 Jun 2011 18:34:25 +0200 Subject: [PATCH] Improve

[Freeipa-devel] bind-dyndb-ldap 1.0.0b1 has been released

2011-08-31 Thread Adam Tkac
Hello, bind-dyndb-ldap 1.0.0b1 has been released. The most notable change is new psearch (yes/no) option. When set to yes then the plugin is able to immediately propagate addition/modification/deletion of zones, without need of the `rndc reload` command. Tarball:

Re: [Freeipa-devel] Structured DNS record API proposal

2011-09-16 Thread Adam Tkac
On 09/16/2011 09:51 AM, Martin Kosek wrote: On Thu, 2011-09-15 at 10:26 +0200, Adam Tkac wrote: Your proposal seems fine for me. However I would recommend not to expose routines for managing DNSSEC related records because DNSSEC is currently not supported in the bind-dyndb-ldap. This doesn't

[Freeipa-devel] [PATCH] bind-dyndb-ldap: Add new ldap_hostname option (ticket #1931)

2011-10-11 Thread Adam Tkac
. Regards, Adam From c6913e6f0bb90253ad141917cb804f74dec070ae Mon Sep 17 00:00:00 2001 From: Adam Tkac at...@redhat.com Date: Tue, 11 Oct 2011 11:21:39 +0200 Subject: [PATCH] Added new ldap_hostname option. Signed-off-by: Adam Tkac at...@redhat.com --- NEWS |4 README

Re: [Freeipa-devel] [PATCH] bind-dyndb-ldap: Add new ldap_hostname option (ticket #1931)

2011-10-17 Thread Adam Tkac
On 10/12/2011 08:08 PM, Rob Crittenden wrote: Adam Tkac wrote: Hello all, please see attached patch for bind-dyndb-ldap, it should solve (at least from bind-dyndb-ldap side) ticket #1931. It adds new ldap_hostname option and ipa-server-install utility should set this option when /bin

Re: [Freeipa-devel] [PATCH] Skip invalid records

2011-11-18 Thread Adam Tkac
On 11/18/2011 02:18 PM, Jiri Kuncar wrote: Bind-dyndb-ldap: Don't fail to load zone when it contains invalid records. Your patch seems fine for me, thanks. Please check my comments inside the patch. Regards, Adam Needed by ticket #36 https://fedorahosted.org/bind-dyndb-ldap/ticket/36

Re: [Freeipa-devel] [PATCH] bind-dyndb-ldap: enable/disable PTR synchronization per zone

2011-12-02 Thread Adam Tkac
; + } It would be nice to receive debug msg when idnsAllowSyncPTR is allowed. What about log_debug(3, Sync PTR is allowed for zone %s, zone_dn); Regards, Adam -- Adam Tkac, Red Hat, Inc. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https

Re: [Freeipa-devel] named core dump

2012-02-21 Thread Adam Tkac
/mailman/listinfo/freeipa-devel -- Adam Tkac, Red Hat, Inc. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH] 0006 Hold bind and plugin global settings in LDAP

2012-02-28 Thread Adam Tkac
On 02/22/2012 12:42 PM, Petr Spacek wrote: Hello, this patch fixes https://fedorahosted.org/bind-dyndb-ldap/ticket/43 - hold bind and plugin global settings in LDAP. Currently it's not optimized for performance. Patch for avoiding unnecessary locking will follow tomorrow or on Friday.

Re: [Freeipa-devel] [PATCH] 0007 Performace optimization for ldap_parse_configentry

2012-02-28 Thread Adam Tkac
On 02/23/2012 04:31 PM, Petr Spacek wrote: Hello, this patch is performance optimization of yesterday's fix https://fedorahosted.org/bind-dyndb-ldap/ticket/43 - hold bind and plugin global settings in LDAP. Thanks for the patch, Petr, please check my comment below and then push the patch to

Re: [Freeipa-devel] [PATCH] 0008 Documentation improvement, configuration check

2012-02-28 Thread Adam Tkac
On 02/28/2012 02:44 PM, Petr Spacek wrote: On 02/24/2012 01:42 PM, Petr Spacek wrote: Hello, this patch is documentation improvement configuration check for situations, where persistent search and zone refresh are enabled at same time. (Which is not allowed.) It's related to fix

Re: [Freeipa-devel] [PATCH] 0009 Support for IPv6 elements in idnsForwarders attribute

2012-03-05 Thread Adam Tkac
)) { + isc_sockaddr_t *addr = NULL; addr = ISC_LIST_HEAD(addrs); ISC_LIST_UNLINK(addrs, addr, link); isc_mem_put(inst-mctx, addr, sizeof(*addr)); -- 1.7.7.6 -- Adam Tkac, Red Hat, Inc. ___ Freeipa-devel mailing list

Re: [Freeipa-devel] discussion needed: Support for IPv6 elements in idnsForwarders attribute

2012-03-05 Thread Adam Tkac
On Mon, Mar 05, 2012 at 01:56:14PM +0100, Petr Spacek wrote: Hello, we are back with another proposal from Adam. See last lines. Hello, reply is below... On 03/05/2012 12:32 PM, Adam Tkac wrote: On Thu, Mar 01, 2012 at 07:55:33PM +0100, Petr Spacek wrote: Hello, here is (again

Re: [Freeipa-devel] [PATCH] 0010 Remove unnecessary mctx double checks

2012-03-06 Thread Adam Tkac
12:32 PM, Adam Tkac wrote: +REQUIRE(mctx != NULL); REQUIRE(mctx != NULL); is not needed, every isc_mem_* function checks mctx validity. I checked each REQUIRE(mctx != NULL) and reference to mctx and Adam is right :-D Ack, please push it to master. A bind-dyndb-ldap-pspacek-0010

Re: [Freeipa-devel] named core dump

2012-03-06 Thread Adam Tkac
can catch with you tomorrow on the #freeipa channel. Thanks Marco ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel -- Adam Tkac, Red Hat, Inc

Re: [Freeipa-devel] [PATCH] 0013 Fix SOA record update

2012-03-23 Thread Adam Tkac
On 03/22/2012 04:27 PM, Petr Spacek wrote: Hello, Hello, this patch fixes wrong SOA updates during DNS zone dynamic update (via nsupdate). It fixes LDAP plugin part of BZ: https://bugzilla.redhat.com/show_bug.cgi?id=805871 Good catch, the patch looks fine for me, please check my

Re: [Freeipa-devel] [PATCH] 0014 Fix crash on reload without any zones

2012-03-23 Thread Adam Tkac
On 03/23/2012 09:59 AM, Petr Spacek wrote: Hello, this patch fixes crash on reload/halt. Current code will crash if no zones were loaded from LDAP (because of connection error or bad DN in config). There is no BZ/ticket for this issue. This patch is fine and fixes

Re: [Freeipa-devel] [PATCH] 0015 Don't try to remove auxiliary nodes from internal RBT

2012-04-04 Thread Adam Tkac
]; - dns_name_format(aname, buf, 255); log_debug(1, Zone '%s' has been removed from database., buf); delete = ISC_TRUE; -- 1.7.7.6 -- Adam Tkac, Red Hat, Inc. ___ Freeipa-devel mailing list Freeipa-devel

Re: [Freeipa-devel] [PATCH] 0017 Fix various memory leaks in Kerberos helper code

2012-04-16 Thread Adam Tkac
(context, keytab); + if (kprincpw) krb5_free_principal(context, kprincpw); + if (my_creds_ptr) krb5_free_cred_contents(context, my_creds_ptr); if (context) krb5_free_context(context); return result; } -- 1.7.7.6 -- Adam Tkac, Red Hat, Inc

Re: [Freeipa-devel] DNS zone serial number updates [#2554]

2012-04-23 Thread Adam Tkac
think the easiest way is not to use serial in date format. We can simply create zone with serial 1 and then increment it every time when we modify the zone. Regards, Adam -- Adam Tkac, Red Hat, Inc. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com

Re: [Freeipa-devel] [PATCH 0018] Deadlock detection logic

2012-05-03 Thread Adam Tkac
semaphore_wait_timed(semaphore_t *sem); void semaphore_signal(semaphore_t *sem); #endif /* !_LD_SEMAPHORE_H_ */ -- 1.7.7.6 -- Adam Tkac, Red Hat, Inc. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman

Re: [Freeipa-devel] [PATCH 0018] Deadlock detection logic

2012-05-07 Thread Adam Tkac
On 05/07/2012 12:35 PM, Petr Spacek wrote: On 05/03/2012 02:18 PM, Adam Tkac wrote: On Tue, Apr 24, 2012 at 03:52:00PM +0200, Petr Spacek wrote: On 04/24/2012 03:21 PM, Petr Spacek wrote: Hello, this patch adds deadlock detection (based on simple timeout) to current code. If (probable

Re: [Freeipa-devel] [PATCH 0019] Add proper DN escaping before LDAP library calls

2012-05-09 Thread Adam Tkac
On 05/03/2012 03:46 PM, Petr Spacek wrote: On 05/03/2012 11:25 AM, Petr Spacek wrote: Hello, this patch adds missing DNS-LDAP escaping conversion. It's necessary to prevent (potential) LDAP injection attacks in future. Code isn't very nice, because DNS users decimal escaping \123, LDAP uses

Re: [Freeipa-devel] DNS zone serial number updates [#2554]: local SOA approach

2012-05-25 Thread Adam Tkac
already. After further discussion this seems like the best approach for me as well. Regards, Adam -- Adam Tkac, Red Hat, Inc. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH 0022] fix crash during zone unload when NS is not resolvable

2012-06-07 Thread Adam Tkac
-- Adam Tkac, Red Hat, Inc. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH 0023] SOA serial number auto incrementation

2012-06-27 Thread Adam Tkac
!= ISC_R_SUCCESS) log_error(update_record (psearch) failed for %s. -- 1.7.7.6 -- Adam Tkac, Red Hat, Inc. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH 0024] Add debug message to ldap_cache_addrdatalist()

2012-07-13 Thread Adam Tkac
{ + log_debug(20, cache search for 'DNS2STRERR': %s, + isc_result_totext(result)); + } + } + return result; } -- 1.7.7.6 -- Adam Tkac, Red Hat, Inc. ___ Freeipa-devel mailing

Re: [Freeipa-devel] [PATCH] 0025-0028 Implement SOA serial number increments for external changes

2012-07-13 Thread Adam Tkac
903c948f401a9bd82cbc0eb06ac55aa05452c976..a16de45bcc49d00a1eacf42b23c87f24be8d3b2f 100644 --- a/src/rdlist.c +++ b/src/rdlist.c @@ -2,7 +2,7 @@ * Authors: Adam Tkac at...@redhat.com * Martin Nagy mn...@redhat.com * - * Copyright (C) 2009 Red Hat + * Copyright (C) 2009-2012 Red Hat

Re: [Freeipa-devel] [PATCH 0029] Add documention for serial_autoincrement feature

2012-07-13 Thread Adam Tkac
(locally significant). + sync_ptr (default no) Set this option to yes if you would like to keep PTR record synchronized with coresponding A/ record for all zones. -- 1.7.7.6 -- Adam Tkac, Red Hat, Inc. ___ Freeipa-devel

Re: [Freeipa-devel] [PATCH 0031] Prevent crashes in ldap_pool_*() function family

2012-07-13 Thread Adam Tkac
= pool-conns[i]; - if (ldap_conn != NULL) - destroy_ldap_connection(pool, ldap_conn); + destroy_ldap_connection(pool, pool-conns[i]); } return result; } -- 1.7.7.6 -- Adam Tkac, Red Hat, Inc

Re: [Freeipa-devel] [PATCH 0030] Prevent doubled LDAP queries during nonexistent DNS name lookup

2012-07-13 Thread Adam Tkac
, ldap_conn, ISC_FALSE); -- 1.7.7.6 -- Adam Tkac, Red Hat, Inc. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH 0032-0035]

2012-07-19 Thread Adam Tkac
), + PSEARCH_MODDN(chgtype)); + isc_mem_attach(inst-mctx, mctx); dn = isc_mem_strdup(mctx, entry-dn); -- 1.7.7.6 -- Adam Tkac, Red Hat, Inc. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https

Re: [Freeipa-devel] [PATCH 0036] Raise connection count automatically if serial_autoincrement is enabled

2012-07-19 Thread Adam Tkac
, ldap_inst-psearch)); CHECK(ldap_pool_create(mctx, ldap_inst-connections, ldap_inst-pool)); -- 1.7.7.6 -- Adam Tkac, Red Hat, Inc. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH 0037] Add missing return value check to new_ldap_instance()

2012-07-19 Thread Adam Tkac
, str_buf(ldap_inst-krb5_principal)); -- 1.7.7.6 -- Adam Tkac, Red Hat, Inc. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH 0032-0035] Add support for MODDN operation to persistent search implementation

2012-07-19 Thread Adam Tkac
On Thu, Jul 19, 2012 at 01:59:01PM +0200, Petr Spacek wrote: Hello, I have to explain my motivation behind INSIST a bit. Please see comments below. On 07/19/2012 01:43 PM, Adam Tkac wrote: On Wed, Jul 18, 2012 at 01:32:10PM +0200, Petr Spacek wrote: + CHECK(ldap_query(inst, conn

Re: [Freeipa-devel] [PATCH 0038] Fix two memory leaks in ldap_query()

2012-07-23 Thread Adam Tkac
; } /** -- 1.7.7.6 -- Adam Tkac, Red Hat, Inc. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH 0040] Handle incomplete/invalid zone unload in same way as BIND's ns_server_del_zone()

2012-07-25 Thread Adam Tkac
); /* dns_zone_getdb() attaches DB implicitly */ dns_zone_unload(zone); } -- 1.7.10.4 -- Adam Tkac, Red Hat, Inc. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH 0041] Cleanup in logging code

2012-07-26 Thread Adam Tkac
*/ -- 1.7.10.4 -- Adam Tkac, Red Hat, Inc. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH 0043] Extend API to be compatible with libdns interface = 90

2012-08-15 Thread Adam Tkac
*/ #endif /* LIBDNS_VERSION_MAJOR = 82 */ +#if LIBDNS_VERSION_MAJOR = 90 + NULL, /* findnodeext */ + NULL/* findext */ +#endif /* LIBDNS_VERSION_MAJOR = 90 */ }; static isc_result_t -- 1.7.11.2 -- Adam Tkac, Red Hat, Inc

Re: [Freeipa-devel] [PATCH 0042] Flush zones and RRs cache when handling persistent search reconnection

2012-08-15 Thread Adam Tkac
); + UNLOCK(cache-mutex); + return result; +} Regards, Adam -- Adam Tkac, Red Hat, Inc. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH 0044] Fix and comment ispersistent() call in LDAP driver interface

2012-08-15 Thread Adam Tkac
) { UNUSED(db); - return ISC_R_NOTIMPLEMENTED; + return ISC_TRUE; } static void -- 1.7.11.2 -- Adam Tkac, Red Hat, Inc. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH 0046] Separate RR data parsing from LDAP connections

2012-08-15 Thread Adam Tkac
) + isc_lex_destroy(qresult-lex); + if (qresult-rdata_target_mem != NULL) + isc_mem_put(qresult-mctx, qresult-rdata_target_mem, MINTSIZ); SAFE_MEM_PUT_PTR(qresult-mctx, qresult); *ldap_qresultp = NULL; } -- 1.7.11.2 -- Adam

Re: [Freeipa-devel] [PATCH 0046] Separate RR data parsing from LDAP connections

2012-08-16 Thread Adam Tkac
On Wed, Aug 15, 2012 at 04:04:26PM +0200, Petr Spacek wrote: On 08/15/2012 03:31 PM, Adam Tkac wrote: On Wed, Aug 01, 2012 at 04:19:11PM +0200, Petr Spacek wrote: Hello, this patch finishes LDAP connection vs. LDAP result separation. It is first step necessary for: https

Re: [Freeipa-devel] [PATCH 0042] Flush zones and RRs cache when handling persistent search reconnection

2012-08-16 Thread Adam Tkac
On Wed, Aug 15, 2012 at 03:55:01PM +0200, Petr Spacek wrote: On 08/15/2012 03:11 PM, Adam Tkac wrote: On Fri, Jul 27, 2012 at 12:16:07PM +0200, Petr Spacek wrote: Hello, this patch implements Flush zones and RRs cache when handling persistent search reconnection behaviour as requested

Re: [Freeipa-devel] [PATCH 0047] Avoid manual connection management outside ldap_query()

2012-08-22 Thread Adam Tkac
: pevent-dn); ldap_query_free(ISC_FALSE, ldap_qresult); - ldap_pool_putconnection(inst-pool, conn); isc_mem_free(mctx, pevent-dbname); isc_mem_free(mctx, pevent-dn); isc_mem_detach(mctx); -- 1.7.11.2 -- Adam Tkac, Red Hat, Inc

Re: [Freeipa-devel] [PATCH 0050] Fix memory leak in configuration with multiple LDAP instances

2012-09-05 Thread Adam Tkac
= manager_create_db_instance(mctx, name, argv, dyndb_args); -- 1.7.11.2 -- Adam Tkac, Red Hat, Inc. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH] 302 Stricter IP network validator in dnszone-add command

2012-09-05 Thread Adam Tkac
at all because FreeIPA targets for company environments where /24 is not so common, not for home environments. The installer uses /24 for IPv4 addresses and /64 for IPv6 addresses, maybe this should be used as a default here as well. Regards, Adam -- Adam Tkac, Red Hat, Inc

Re: [Freeipa-devel] [PATCH 0051-0052] Log successful reconnection to LDAP server

2012-09-05 Thread Adam Tkac
)) goto cleanup; - ldap_connect(inst, conn, ISC_TRUE); + handle_connection_error(inst, conn, ISC_TRUE); } CHECK(ldap_query_create(conn-mctx, ldap_qresult)); -- 1.7.11.2 -- Adam Tkac, Red Hat, Inc

Re: [Freeipa-devel] [PATCH 0053] Use richer set of return codes for LDAP connection error handling code

2012-09-05 Thread Adam Tkac
); + result = ISC_R_UNEXPECTEDTOKEN; break; default: /* Try to reconnect on other errors. */ -- 1.7.11.2 -- Adam Tkac, Red Hat, Inc. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https

Re: [Freeipa-devel] [PATCH 0051-0052] Log successful reconnection to LDAP server

2012-09-05 Thread Adam Tkac
On Wed, Sep 05, 2012 at 03:53:36PM +0200, Petr Spacek wrote: On 09/05/2012 01:29 PM, Adam Tkac wrote: On Wed, Aug 15, 2012 at 01:20:08PM +0200, Petr Spacek wrote: Hello, this two patches solves upstream ticket https://fedorahosted.org/bind-dyndb-ldap/ticket/71 Log successful reconnect

Re: [Freeipa-devel] [PATCH 0055] Fix race condition in addrdataset() during SOA serial update

2012-09-14 Thread Adam Tkac
|| + isc_serial_gt(new_serial, old_serial) != ISC_TRUE) log_error(SOA serial number incrementation failed in zone '%s', str_buf(zone_dn)); -- 1.7.11.4 -- Adam Tkac, Red Hat, Inc. ___ Freeipa

Re: [Freeipa-devel] [PATCH 0056] Fix crash caused by zone deletion vs. SOA serial increment race condition

2012-09-14 Thread Adam Tkac
); str_destroy(zone_dn); ldapdb_rdatalist_destroy(mctx, rdatalist); -- 1.7.11.4 -- Adam Tkac, Red Hat, Inc. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH 0057] Fix LDAP operation selection logic in ldap_modify_do()

2012-09-14 Thread Adam Tkac
an * unexisting attribute */ - if (mods[0]-mod_op != LDAP_MOD_DELETE || + if ((mods[0]-mod_op ~LDAP_MOD_BVALUES) != LDAP_MOD_DELETE || err_code != LDAP_NO_SUCH_ATTRIBUTE) { result = ISC_R_FAILURE; } -- 1.7.11.4 -- Adam Tkac, Red Hat, Inc

Re: [Freeipa-devel] [PATCH 0058] Improve persistent search logging

2012-09-14 Thread Adam Tkac
; } -- 1.7.11.4 -- Adam Tkac, Red Hat, Inc. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH 0059] Fix potential crash after free(uninitialized variable)

2012-09-14 Thread Adam Tkac
) + ber_free(ber, 1); + if (berval != NULL) + ber_bvfree(berval); return result; } -- 1.7.11.4 -- Adam Tkac, Red Hat, Inc. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo

Re: [Freeipa-devel] [PATCH 0065] Bump version in .spec file to 2.0

2012-09-20 Thread Adam Tkac
-- Adam Tkac, Red Hat, Inc. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH 0066] Log errors from dns_name_concatenate() in zone_refresh() properly

2012-09-21 Thread Adam Tkac
, + aname.buffer); + if (result != ISC_R_SUCCESS) { + log_error_r(unable to concatenate DNS names + during zone_refresh); goto next; } -- 1.7.11.4 -- Adam Tkac, Red Hat

Re: [Freeipa-devel] [PATCH 0062] Prevent memory read outside allocated space in str_alloc()

2012-09-24 Thread Adam Tkac
); + memcpy(new_buffer, str-data, str-allocated); new_buffer[len] = '\0'; isc_mem_put(str-mctx, str-data, str-allocated); } else { -- 1.7.11.4 -- Adam Tkac, Red Hat, Inc. ___ Freeipa-devel mailing list

Re: [Freeipa-devel] [PATCH 0054] Allow BIND to start if LDAP connection times out

2012-09-24 Thread Adam Tkac
) { + if (result == ISC_R_NOTCONNECTED || result == ISC_R_TIMEDOUT) { /* LDAP server is down which can happen, continue */ result = ISC_R_SUCCESS; } else if (result != ISC_R_SUCCESS) { -- 1.7.11.2 -- Adam Tkac, Red Hat, Inc

Re: [Freeipa-devel] [PATCH 0060] Fix zone delete in ldap_zone_delete2()

2012-09-24 Thread Adam Tkac
-zonetable, zone)); CHECK(zr_del_zone(inst-zone_register, name)); dns_zonemgr_releasezone(inst-zmgr, zone); -- 1.7.11.4 -- Adam Tkac, Red Hat, Inc. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman

Re: [Freeipa-devel] [PATCH 0063] Notify DNS slaves if zone serial number modification was detected.

2012-09-24 Thread Adam Tkac
-- Adam Tkac, Red Hat, Inc. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH 0064] Improve log message about improperly formated Resource Records

2012-09-24 Thread Adam Tkac
-- Adam Tkac, Red Hat, Inc. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH 0063] Notify DNS slaves if zone serial number modification was detected.

2012-09-24 Thread Adam Tkac
On Mon, Sep 24, 2012 at 03:21:23PM +0200, Petr Spacek wrote: On 09/24/2012 03:09 PM, Adam Tkac wrote: On Mon, Sep 17, 2012 at 02:55:06PM +0200, Petr Spacek wrote: Hello, this patch adds missing notification to DNS slaves if zone serial number modification was detected. Hi, please

Re: [Freeipa-devel] [PATCH 0064] Improve log message about improperly formated Resource Records

2012-09-24 Thread Adam Tkac
On Mon, Sep 24, 2012 at 03:27:13PM +0200, Petr Spacek wrote: On 09/24/2012 03:15 PM, Adam Tkac wrote: On Mon, Sep 17, 2012 at 05:07:44PM +0200, Petr Spacek wrote: Hello, this patch adds DN to log message about improperly formated Resource Records. Hi, please check my comment below

Re: [Freeipa-devel] [PATCH 0068] Fix unable to concatenate DNS names during zone_refresh error

2012-09-24 Thread Adam Tkac
!= ISC_R_SUCCESS) { - log_error_r(unable to concatenate DNS names + log_error_r(unable to concatenate DNS names during zone_refresh); goto next; } -- 1.7.11.4 -- Adam Tkac

Re: [Freeipa-devel] [PATCH 0069] Fix crash caused by empty zone renaming

2012-09-24 Thread Adam Tkac
); entry_record != NULL; entry_record = NEXT(entry_record, link)) { -- 1.7.11.4 -- Adam Tkac, Red Hat, Inc. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com

Re: [Freeipa-devel] [PATCH 0061] Add missing DNS view attach/detach to LDAP instance management code

2012-09-24 Thread Adam Tkac
); DESTROYLOCK(ldap_inst-kinit_lock); -- 1.7.11.4 -- Adam Tkac, Red Hat, Inc. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH 0070] Fix zone register locking in zr_set_zone_serial_digest()

2012-09-26 Thread Adam Tkac
) { zinfo-serial = serial; memcpy(zinfo-digest, digest, RDLIST_DIGESTLENGTH); } - RWUNLOCK(zr-rwlock, isc_rwlocktype_read); + RWUNLOCK(zr-rwlock, isc_rwlocktype_write); return result; } -- 1.7.11.4 -- Adam Tkac, Red Hat, Inc

Re: [Freeipa-devel] [PATCH 0073] Use NOTAUTH and REFUSED response codes for dynamic updates rather than SERVFAIL

2012-10-04 Thread Adam Tkac
) { log_debug(3, Dynamic Update is not allowed in zone %s, zone_dn); - result = ISC_R_NOPERM; + result = DNS_R_REFUSED; goto cleanup; } -- 1.7.11.4 -- Adam Tkac, Red Hat, Inc. ___ Freeipa-devel

Re: [Freeipa-devel] [PATCH 0072] Fix memory leaks in dynamic update PTR synchronization

2012-10-04 Thread Adam Tkac
, change_ptr); + ldapdb_rdatalist_destroy(mctx, rdlist_search); + free_char_array(mctx, vals); return result; } -- 1.7.11.4 -- Adam Tkac, Red Hat, Inc. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https

Re: [Freeipa-devel] [PATCH 0074] Fix zone removal in persistent search update_zone()

2012-10-09 Thread Adam Tkac
) == NULL); /* no multiple zones with same DN */ - } - - if (delete) + } else { CHECK(ldap_delete_zone(inst, pevent-dn, ISC_TRUE)); + } cleanup: if (result != ISC_R_SUCCESS) -- 1.7.11.4 -- Adam Tkac, Red Hat, Inc

Re: [Freeipa-devel] [PATCH 0075] Prevent misleading partial match error messages for disabled zones

2012-10-09 Thread Adam Tkac
) { log_debug(1, zone '%s' not found in zone register, zone_name_char); - result = ISC_R_SUCCESS; - goto cleanup; + CLEANUP_WITH(ISC_R_SUCCESS); } else if (result != ISC_R_SUCCESS) goto cleanup; -- 1.7.11.4 -- Adam

Re: [Freeipa-devel] [PATCH 0071] Fix potential crash caused by failing zone_register allocation.

2012-10-09 Thread Adam Tkac
; /* Potentially ISC_R_NOSPACE can occur. Destroy codepath has no way to * return errors, so kill BIND. -- 1.7.11.4 -- Adam Tkac, Red Hat, Inc. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo

Re: [Freeipa-devel] [PATCH 0076] Fix crashes on BIND reload caused by improper error handling during new zone addition

2012-10-09 Thread Adam Tkac
= zr_del_zone(inst-zone_register, name); + if (result != ISC_R_SUCCESS) + log_error_r(zone '%s': rollback failed, entry-dn); + } if (unlock) isc_task_endexclusive(task); if (dns_name_dynamic(name)) -- 1.7.11.4 -- Adam Tkac, Red Hat, Inc

Re: [Freeipa-devel] [PATCH 0078] Use automatic connection management in LDAP modification code to prevent potential deadlock

2012-10-09 Thread Adam Tkac
), dns_fixedname_name(ptr_name)); } cleanup: - ldap_pool_putconnection(ldap_inst-pool, ldap_conn); str_destroy(owner_dn_ptr); str_destroy(owner_dn); str_destroy(str_ptr); -- 1.7.11.4 -- Adam Tkac, Red Hat, Inc

Re: [Freeipa-devel] [PATCH 0079] Update NEWS file for 2.0 release

2012-10-15 Thread Adam Tkac
On Mon, Oct 15, 2012 at 10:38:41AM +0200, Petr Spacek wrote: Hello, Update NEWS file for 2.0 release Hi Peter, are you OK with this version of NEWS? (patch attached) A -- Adam Tkac, Red Hat, Inc. From bcd017c75978e2f78976bb8a2b6d47af26df429a Mon Sep 17 00:00:00 2001 From: Petr

Re: [Freeipa-devel] broken bind-dyndb-ldap in ipa-devel repo

2012-10-16 Thread Adam Tkac
DNS is not possible to use in F17+ipa-devel. Hi Alexander, I'm not sure if I have permissions to rebuild pkgs in ipa-devel repo, I've neved did it before. Is there some manual how to do it? Thanks in advance. Regards, Adam -- Adam Tkac, Red Hat, Inc

[Freeipa-devel] Hide private symbols in the bind-dyndb-ldap

2012-10-17 Thread Adam Tkac
Hello, attached patch hides all symbols except dynamic_driver_{init,destroy}. Feedback is appreciated. Regards, Adam -- Adam Tkac, Red Hat, Inc. From 126929489baf4f69fe0444860776f7e76c1411f2 Mon Sep 17 00:00:00 2001 From: Adam Tkac von...@gmail.com Date: Wed, 17 Oct 2012 13:00:31 +0200 Subject

Re: [Freeipa-devel] Hide private symbols in the bind-dyndb-ldap

2012-10-17 Thread Adam Tkac
On Wed, Oct 17, 2012 at 09:58:36AM -0400, Simo Sorce wrote: On Wed, 2012-10-17 at 13:04 +0200, Adam Tkac wrote: Hello, attached patch hides all symbols except dynamic_driver_{init,destroy}. Feedback is appreciated. Any reason not to use a simple export file ? This is also possible

Re: [Freeipa-devel] [PATCH 0081] Add forward policy none

2012-10-29 Thread Adam Tkac
, inst, name, values)); } + /* No forwarders are used. Zone was removed from fwdtable. + * Load the zone. */ /* Check if we are already serving given zone */ result = zr_get_zone_ptr(inst-zone_register, name, zone); -- 1.7.11.7 -- Adam Tkac, Red Hat, Inc

Re: [Freeipa-devel] [PATCH 0082] Disable forwarding when forward zones are removed

2012-10-29 Thread Adam Tkac
-- Adam Tkac, Red Hat, Inc. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH 0083] Flush cache after creating a new forward zone

2012-10-29 Thread Adam Tkac
) { + if (result == ISC_R_SUCCESS) + result = dns_view_flushnode(inst-view, name, ISC_TRUE); /* DO NOT CHANGE ANYTHING ELSE after forwarders are set up! */ goto cleanup; } -- 1.7.11.7 -- Adam Tkac, Red Hat, Inc

Re: [Freeipa-devel] [PATCH 0080] Prevent false 'zone serial (2012060301) unchanged' error messages

2012-10-29 Thread Adam Tkac
. */ + CHECK(configure_zone_ssutable(zone, )); /* Fetch allow-query and allow-transfer ACLs */ log_debug(2, Setting allow-query for %p: %s, zone, dn); -- 1.7.11.7 -- Adam Tkac, Red Hat, Inc. ___ Freeipa-devel mailing list Freeipa-devel

Re: [Freeipa-devel] [PATCH 0084] Restore compatibility with BIND 9.8

2012-10-31 Thread Adam Tkac
+ } /* DO NOT CHANGE ANYTHING ELSE after forwarders are set up! */ goto cleanup; } -- 1.7.11.7 -- Adam Tkac, Red Hat, Inc. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman

Re: [Freeipa-devel] [PATCH 0085] Bump NVR to 2.2

2012-10-31 Thread Adam Tkac
-Version:2.1 +Version:2.2 Release:0%{?dist} Summary:LDAP back-end plug-in for BIND -- 1.7.11.7 -- Adam Tkac, Red Hat, Inc. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com

Re: [Freeipa-devel] [PATCH 0086] Respect global forwarders from named.conf if they are not overridden by LDAP configuration

2012-11-06 Thread Adam Tkac
; }; +typedef struct enum_txt_assoc { + int value; + const char *description; +} enum_txt_assoc_t; + isc_result_t ldapdbnode_create(isc_mem_t *mctx, dns_name_t *owner, ldapdb_node_t **nodep); #endif /* !_LD_TYPES_H_ */ -- 1.7.11.7 -- Adam Tkac, Red Hat, Inc

Re: [Freeipa-devel] [PATCH 0087] Unload master zone if forwarders are specified

2012-11-08 Thread Adam Tkac
) == NULL); /* no multiple zones with same DN */ } else { - CHECK(ldap_delete_zone(inst, pevent-dn, ISC_TRUE)); + CHECK(ldap_delete_zone(inst, pevent-dn, ISC_TRUE, ISC_FALSE)); } cleanup: -- 1.7.11.7 -- Adam Tkac, Red Hat, Inc

  1   2   >