Re: [Freeipa-devel] [PATCH] bind-dyndb-ldap: Don't leave empty nodes in LDAP after DDNS update

2011-01-14 Thread Simo Sorce 
On Wed, 12 Jan 2011 13:27:24 -0500
Stephen Gallagher sgall...@redhat.com wrote:

 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA1
 
 On 01/12/2011 01:25 PM, Adam Tkac wrote:
  On Wed, Jan 12, 2011 at 01:15:36PM -0500, Stephen Gallagher wrote:
  Nack.
 
  Your prototype for ldap_modify_do() includes 'isc_result_t
  delete_node', but the actual implementation expects 'isc_boolean_t
  delete_node'. I'm guessing that by coincidence these typedefs are
  the same primitive type, but I'd rather they both use
  isc_boolean_t which is more correct.
 
  Otherwise it looks good to me.
  
  Good catch! Fixed patch is attached.
  
  Regards, Adam
  
 
 Ack

This one was pushed.

Simo.

-- 
Simo Sorce * Red Hat, Inc * New York

___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH] bind-dyndb-ldap: Don't leave empty nodes in LDAP after DDNS update

2011-01-12 Thread Stephen Gallagher 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 01/12/2011 07:37 AM, Adam Tkac wrote:
 Hello,
 
 bind-dyndb-ldap currently leaves empty nodes in LDAP when the last
 DNS resource record associated with the node was removed:
 
 Before DDNS update:
 
 dn: idnsName=test,idnsName=example.com,ou=dns,dc=example,dc=com
 aRecord: 1.1.1.1
 dNSTTL: 
 objectClass: idnsRecord
 idnsName: test
 
 After DDNS update (removal of test.example.com A 1.1.1.1 record):
 
 dn: idnsName=test,idnsName=example.com,ou=dns,dc=example,dc=com
 dNSTTL: 
 objectClass: idnsRecord
 idnsName: test
 
 As you can see this node is empty and useless.
 
 With the patch the whole node is removed.
 
 Comments are welcomed.
 
 Regards, Adam



Nack.

Your prototype for ldap_modify_do() includes 'isc_result_t delete_node',
but the actual implementation expects 'isc_boolean_t delete_node'. I'm
guessing that by coincidence these typedefs are the same primitive type,
but I'd rather they both use isc_boolean_t which is more correct.


Otherwise it looks good to me.

- -- 
Stephen Gallagher
RHCE 804006346421761

Delivering value year after year.
Red Hat ranks #1 in value among software vendors.
http://www.redhat.com/promo/vendor/
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iEYEARECAAYFAk0t78gACgkQeiVVYja6o6M3rQCeI8y2pRMVjfaXJ8atOCByQIE/
CVIAoKIFVdTy0DFe6Du2Q3SsXMGHUV7O
=ZlI/
-END PGP SIGNATURE-

___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH] bind-dyndb-ldap: Don't leave empty nodes in LDAP after DDNS update

2011-01-12 Thread Adam Tkac 
On Wed, Jan 12, 2011 at 01:15:36PM -0500, Stephen Gallagher wrote:
 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA1
 
 On 01/12/2011 07:37 AM, Adam Tkac wrote:
  Hello,
  
  bind-dyndb-ldap currently leaves empty nodes in LDAP when the last
  DNS resource record associated with the node was removed:
  
  Before DDNS update:
  
  dn: idnsName=test,idnsName=example.com,ou=dns,dc=example,dc=com
  aRecord: 1.1.1.1
  dNSTTL: 
  objectClass: idnsRecord
  idnsName: test
  
  After DDNS update (removal of test.example.com A 1.1.1.1 record):
  
  dn: idnsName=test,idnsName=example.com,ou=dns,dc=example,dc=com
  dNSTTL: 
  objectClass: idnsRecord
  idnsName: test
  
  As you can see this node is empty and useless.
  
  With the patch the whole node is removed.
  
  Comments are welcomed.
  
  Regards, Adam
 
 
 
 Nack.
 
 Your prototype for ldap_modify_do() includes 'isc_result_t delete_node',
 but the actual implementation expects 'isc_boolean_t delete_node'. I'm
 guessing that by coincidence these typedefs are the same primitive type,
 but I'd rather they both use isc_boolean_t which is more correct.
 
 Otherwise it looks good to me.

Good catch! Fixed patch is attached.

Regards, Adam

-- 
Adam Tkac, Red Hat, Inc.
From 5a1ddebaa55d5fcf97e4a10401d4339adcd29aab Mon Sep 17 00:00:00 2001
From: Adam Tkac at...@redhat.com
Date: Mon, 10 Jan 2011 15:25:40 +0100
Subject: [PATCH] Delete node from LDAP if there is no RR associated with the 
name.

If the last DNS resource record associated with the name is removed
then remove the whole node from LDAP.

Solves https://fedorahosted.org/bind-dyndb-ldap/ticket/1.

Signed-off-by: Adam Tkac at...@redhat.com
---
 src/ldap_driver.c |   14 +-
 src/ldap_helper.c |   29 ++---
 src/ldap_helper.h |2 +-
 3 files changed, 32 insertions(+), 13 deletions(-)

diff --git a/src/ldap_driver.c b/src/ldap_driver.c
index 965877c..9c1da40 100644
--- a/src/ldap_driver.c
+++ b/src/ldap_driver.c
@@ -787,6 +787,7 @@ subtractrdataset(dns_db_t *db, dns_dbnode_t *node, 
dns_dbversion_t *version,
dns_rdatalist_t *rdlist;
dns_rdatalist_t diff;
isc_result_t result;
+   isc_boolean_t delete_node = ISC_FALSE;
 
REQUIRE(version == ldapdb_version);
 
@@ -822,7 +823,18 @@ subtractrdataset(dns_db_t *db, dns_dbnode_t *node, 
dns_dbversion_t *version,
goto cleanup;
}
 
-   CHECK(remove_from_ldap(ldapdbnode-owner, ldapdb-ldap_inst, diff));
+   /*
+* If there is only one rdatalist in the node with no rdata
+* it means all resource records associated with the node's DNS
+* name (owner) was deleted. So delete the whole node from the
+* LDAP.
+*/
+   if (HEAD(ldapdbnode-rdatalist) == TAIL(ldapdbnode-rdatalist) 
+   HEAD((HEAD(ldapdbnode-rdatalist))-rdata) == NULL)
+   delete_node = ISC_TRUE;
+
+   CHECK(remove_from_ldap(ldapdbnode-owner, ldapdb-ldap_inst, diff,
+  delete_node));
CHECK(discard_from_cache(ldapdb-ldap_cache, ldapdbnode-owner));
 
if (newrdataset != NULL) {
diff --git a/src/ldap_helper.c b/src/ldap_helper.c
index e29bd04..aee3f52 100644
--- a/src/ldap_helper.c
+++ b/src/ldap_helper.c
@@ -259,7 +259,7 @@ static isc_result_t ldap_query(ldap_connection_t 
*ldap_conn, const char *base,
 
 /* Functions for writing to LDAP. */
 static isc_result_t ldap_modify_do(ldap_connection_t *ldap_conn, const char 
*dn,
-   LDAPMod **mods);
+   LDAPMod **mods, isc_boolean_t delete_node);
 static isc_result_t ldap_rdttl_to_ldapmod(isc_mem_t *mctx,
dns_rdatalist_t *rdlist, LDAPMod **changep);
 static isc_result_t ldap_rdatalist_to_ldapmod(isc_mem_t *mctx,
@@ -269,7 +269,7 @@ static isc_result_t ldap_rdata_to_char_array(isc_mem_t 
*mctx,
dns_rdata_t *rdata_head, char ***valsp);
 static void free_char_array(isc_mem_t *mctx, char ***valsp);
 static isc_result_t modify_ldap_common(dns_name_t *owner, ldap_instance_t 
*ldap_inst,
-   dns_rdatalist_t *rdlist, int mod_op);
+   dns_rdatalist_t *rdlist, int mod_op, isc_boolean_t delete_node);
 
 isc_result_t
 new_ldap_instance(isc_mem_t *mctx, const char *db_name,
@@ -1740,7 +1740,8 @@ handle_connection_error(ldap_connection_t *ldap_conn, 
isc_result_t *result)
 
 /* FIXME: Handle the case where the LDAP handle is NULL - try to reconnect. */
 static isc_result_t
-ldap_modify_do(ldap_connection_t *ldap_conn, const char *dn, LDAPMod **mods)
+ldap_modify_do(ldap_connection_t *ldap_conn, const char *dn, LDAPMod **mods,
+  isc_boolean_t delete_node)
 {
int ret;
int err_code;
@@ -1750,9 +1751,14 @@ ldap_modify_do(ldap_connection_t *ldap_conn, const char 
*dn, LDAPMod **mods)
REQUIRE(dn != NULL);
REQUIRE(mods != NULL);
 
-   log_debug(2, writing to '%s', dn);
+   if (delete_node) {
+   log_debug(2, deleting whole node: '%s', dn);

Re: [Freeipa-devel] [PATCH] bind-dyndb-ldap: Don't leave empty nodes in LDAP after DDNS update

2011-01-12 Thread Stephen Gallagher 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 01/12/2011 01:25 PM, Adam Tkac wrote:
 On Wed, Jan 12, 2011 at 01:15:36PM -0500, Stephen Gallagher wrote:
 Nack.

 Your prototype for ldap_modify_do() includes 'isc_result_t delete_node',
 but the actual implementation expects 'isc_boolean_t delete_node'. I'm
 guessing that by coincidence these typedefs are the same primitive type,
 but I'd rather they both use isc_boolean_t which is more correct.

 Otherwise it looks good to me.
 
 Good catch! Fixed patch is attached.
 
 Regards, Adam
 

Ack

- -- 
Stephen Gallagher
RHCE 804006346421761

Delivering value year after year.
Red Hat ranks #1 in value among software vendors.
http://www.redhat.com/promo/vendor/
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iEYEARECAAYFAk0t8owACgkQeiVVYja6o6MMYQCcDkN3rfHWqPFd6EbyaK04HVL/
M10Ani4631Mf21ZPdAqKINf1N7wLCZQ9
=HNiC
-END PGP SIGNATURE-

___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel