From 932fa678847e329fb4faf8c2d124fb0eb7235805 Mon Sep 17 00:00:00 2001
From: James Hogarth <james.hogarth@gmail.com>
Date: Tue, 14 Aug 2012 10:54:34 +0100
Subject: [PATCH] Make TTL configurable for dynamic dns updates

---
 src/config/SSSDConfig/__init__.py.in    |    1 +
 src/config/etc/sssd.api.d/sssd-ipa.conf |    1 +
 src/man/sssd-ipa.5.xml                  |   14 ++++++++++++++
 src/providers/ipa/ipa_common.h          |    1 +
 src/providers/ipa/ipa_dyndns.c          |   14 ++++++++++++--
 src/providers/ipa/ipa_opts.h            |    1 +
 6 files changed, 30 insertions(+), 2 deletions(-)

diff --git a/src/config/SSSDConfig/__init__.py.in b/src/config/SSSDConfig/__init__.py.in
index b90a8e100e38279c934b5a36ee87062d15eba4b6..567fd0fca8864fd4ac539a83defd06bfe7eb0441 100644
--- a/src/config/SSSDConfig/__init__.py.in
+++ b/src/config/SSSDConfig/__init__.py.in
@@ -129,6 +129,7 @@ option_strings = {
     'ipa_backup_server' : _('Address of backup IPA server'),
     'ipa_hostname' : _('IPA client hostname'),
     'ipa_dyndns_update' : _("Whether to automatically update the client's DNS entry in FreeIPA"),
+    'ipa_dyndns_ttl' : _("The TTL to apply to the client's DNS entry after updating it"),
     'ipa_dyndns_iface' : _("The interface whose IP should be used for dynamic DNS updates"),
     'ipa_hbac_search_base' : _("Search base for HBAC related objects"),
     'ipa_hbac_refresh' : _("The amount of time between lookups of the HBAC rules against the IPA server"),
diff --git a/src/config/etc/sssd.api.d/sssd-ipa.conf b/src/config/etc/sssd.api.d/sssd-ipa.conf
index efc1e8b3d557c35332644fa3cee26dbeb3a0adad..561845902e8940d0f1a0877e443f148d07a709d5 100644
--- a/src/config/etc/sssd.api.d/sssd-ipa.conf
+++ b/src/config/etc/sssd.api.d/sssd-ipa.conf
@@ -4,6 +4,7 @@ ipa_server = str, None, false
 ipa_backup_server = str, None, false
 ipa_hostname = str, None, false
 ipa_dyndns_update = bool, None, false
+ipa_dyndns_ttl = int, None, false
 ipa_dyndns_iface = str, None, false
 ipa_hbac_search_base = str, None, false
 ipa_host_search_base = str, None, false
diff --git a/src/man/sssd-ipa.5.xml b/src/man/sssd-ipa.5.xml
index 3278306dc933e25c546c527459412f8131436651..c6e151b18c494f99b8baef65c6c5e8d324ed1d2f 100644
--- a/src/man/sssd-ipa.5.xml
+++ b/src/man/sssd-ipa.5.xml
@@ -126,6 +126,20 @@
                 </varlistentry>
 
                 <varlistentry>
+                    <term>ipa_dyndns_ttl (integer)</term>
+                    <listitem>
+                        <para>
+                            The TTL to apply to the client DNS record when updating it.
+                            If ipa_dyndns_update is false this has no effect. This will
+                            override the TTL serverside if set by an administrator.
+                        </para>
+                        <para>
+                            Default: 1200 (seconds)
+                        </para>
+                    </listitem>
+                </varlistentry>
+
+                <varlistentry>
                     <term>ipa_dyndns_iface (string)</term>
                     <listitem>
                         <para>
diff --git a/src/providers/ipa/ipa_common.h b/src/providers/ipa/ipa_common.h
index 01e140325900d7b881b5abaab305be1da23b63c0..f077776bd4eb14abd81a6514ce5afc16a4493a37 100644
--- a/src/providers/ipa/ipa_common.h
+++ b/src/providers/ipa/ipa_common.h
@@ -38,6 +38,7 @@ enum ipa_basic_opt {
     IPA_BACKUP_SERVER,
     IPA_HOSTNAME,
     IPA_DYNDNS_UPDATE,
+    IPA_DYNDNS_TTL,
     IPA_DYNDNS_IFACE,
     IPA_HBAC_SEARCH_BASE,
     IPA_HOST_SEARCH_BASE,
diff --git a/src/providers/ipa/ipa_dyndns.c b/src/providers/ipa/ipa_dyndns.c
index 66515e840ebcf20e78deb405c3c456e1905032a5..3f430a337efe5ec5230ba1b9506a3582004f1ece 100644
--- a/src/providers/ipa/ipa_dyndns.c
+++ b/src/providers/ipa/ipa_dyndns.c
@@ -857,7 +857,7 @@ static int create_nsupdate_message(struct ipa_nsupdate_ctx *ctx,
                                    uint8_t remove_af,
                                    bool use_server_with_nsupdate)
 {
-    int ret, i;
+    int ret, i, ttl;
     char *servername = NULL;
     char *realm;
     char *realm_directive;
@@ -935,6 +935,15 @@ static int create_nsupdate_message(struct ipa_nsupdate_ctx *ctx,
         goto done;
     }
 
+    /* Get the TTL details for the record(s) */
+
+    ttl = dp_opt_get_int(ctx->dyndns_ctx->ipa_ctx->basic,
+                             IPA_DYNDNS_TTL);
+    /* Should not happen but just in case set the default */
+    if (!ttl) {
+        ttl = 1200;
+    }
+
     /* Remove existing entries as needed */
     if (remove_af & IPA_DYNDNS_REMOVE_A) {
         ctx->update_msg = talloc_asprintf_append(ctx->update_msg,
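Review bot: The fallback `if (!ttl)` catches only zero, so a negative `ipa_dyndns_ttl` from the configuration passes through and is later formatted with `%d` into the `update add` line, where nsupdate will presumably reject it and the dynamic update fails. A DNS TTL must be in the range 0 to 2^31-1, so the guard should cover the sign as well and log what it did, for example `if (ttl <= 0) { ttl = 1200; }` with a debug message naming the rejected value. Because the option already has a default, a zero here most likely means the administrator explicitly set 0, and the comment should say that 0 is treated as "unset" rather than "should not happen". The literal 1200 also duplicates the default in ipa_opts.h, and a shared named constant would keep the two from drifting. The body of create_nsupdate_message continues outside this hunk.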
@@ -986,8 +995,9 @@ static int create_nsupdate_message(struct ipa_nsupdate_ctx *ctx,
         /* Format the record update */
         ctx->update_msg = talloc_asprintf_append(
                 ctx->update_msg,
-                "update add %s. 86400 in %s %s\n",
+                "update add %s. %d in %s %s\n",
                 ctx->dyndns_ctx->hostname,
+                ttl,
                 new_record->addr->ss_family == AF_INET ? "A" : "AAAA",
                 ip_addr);
         if (ctx->update_msg == NULL) {
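Review bot: Replacing the literal `86400` with `ttl` also changes the record TTL for every client that never sets `ipa_dyndns_ttl`, because the default added in ipa_opts.h is 1200 rather than 86400, and the commit message does not mention it. If the shorter default is intended, the commit description should say so, since it changes how long resolvers cache client addresses. Otherwise, defaulting the option to `{ .number = 86400 }` preserves existing behaviour. The enclosing call and function continue outside this hunk.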
diff --git a/src/providers/ipa/ipa_opts.h b/src/providers/ipa/ipa_opts.h
index 13f8ad81ac2ad52a375e5fc616c52b11ad063d0e..6ab34f3233c9440d8396a21ee388d2ac0d23de37 100644
--- a/src/providers/ipa/ipa_opts.h
+++ b/src/providers/ipa/ipa_opts.h
@@ -35,6 +35,7 @@ struct dp_option ipa_basic_opts[] = {
     { "ipa_backup_server", DP_OPT_STRING, NULL_STRING, NULL_STRING },
     { "ipa_hostname", DP_OPT_STRING, NULL_STRING, NULL_STRING },
     { "ipa_dyndns_update", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
+    { "ipa_dyndns_ttl", DP_OPT_NUMBER, { .number = 1200}, NULL_NUMBER},
     { "ipa_dyndns_iface", DP_OPT_STRING, NULL_STRING, NULL_STRING},
     { "ipa_hbac_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING},
     { "ipa_host_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING },
-- 
1.7.5.4

