From f0bba9d5178d18e7b08aaa58375916d111dfeb59 Mon Sep 17 00:00:00 2001
From: Tomas Halman <thalman@redhat.com>
Date: Tue, 26 Sep 2023 11:05:13 +0200
Subject: [PATCH] dyndns: PTR record updates separately
DNS server does not allow updates for different zones in one
single step. Those updates must be sent separately.
It is complicated and in some cases impossible to detect that
PTR updates do not fit into one zone because it often depends
on DNS server configuration.
With this patch PTR record updates are always sent separately.
Resolves: https://github.com/SSSD/sssd/issues/6956
Reviewed-by: Dan Lavu <dlavu@redhat.com>
Reviewed-by: Justin Stephenson <jstephen@redhat.com>
Reference: https://github.com/SSSD/sssd/commit/f0bba9d5178d18e7b08aaa58375916d111dfeb59
Conflict: NA
---
src/man/sssd-ad.5.xml | 5 +++++
src/man/sssd-ipa.5.xml | 5 +++++
src/providers/be_dyndns.c | 18 +++---------------
src/tests/cmocka/test_dyndns.c | 5 +++++
4 files changed, 18 insertions(+), 15 deletions(-)
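--- a/src/man/sssd-ad.5.xml
+++ b/src/man/sssd-ad.5.xml
@@ -1262,6 +1262,11 @@ ad_gpo_map_deny = +my_pam_service
 updated when updating the client's DNS records.
 Applicable only when dyndns_update is true.
 </para>
+ <para>
+ Note that <emphasis>dyndns_update_per_family</emphasis>
+ parameter does not apply for PTR record updates.
+ Those updates are always sent separately.
+ </para>
 <para>
 Default: True
 </para>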
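--- a/src/man/sssd-ipa.5.xml
+++ b/src/man/sssd-ipa.5.xml
@@ -286,6 +286,11 @@
 PTR records automatically when forward records
 are changed.
 </para>
+ <para>
+ Note that <emphasis>dyndns_update_per_family</emphasis>
+ parameter does not apply for PTR record updates.
+ Those updates are always sent separately.
+ </para>
 <para>
 Default: False (disabled)
 </para>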
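--- a/src/providers/be_dyndns.c
+++ b/src/providers/be_dyndns.c
@@ -402,7 +402,7 @@ nsupdate_msg_add_ptr(char *update_msg, struct sss_iface_addr *addresses,
 }
 
 updateipv4 = talloc_asprintf_append(updateipv4,
- "update add %s %d in PTR %s.\n",
+ "update add %s %d in PTR %s.\nsend\n",
 ptr, ttl, hostname);
 break;
 case AF_INET6:
@@ -415,7 +415,7 @@ nsupdate_msg_add_ptr(char *update_msg, struct sss_iface_addr *addresses,
 }
 }
 updateipv6 = talloc_asprintf_append(updateipv6,
- "update add %s %d in PTR %s.\n",
+ "update add %s %d in PTR %s.\nsend\n",
 ptr, ttl, hostname);
 break;
 }
@@ -426,21 +426,9 @@ nsupdate_msg_add_ptr(char *update_msg, struct sss_iface_addr *addresses,
 }
 }
 
- if (update_per_family && updateipv4[0] && updateipv6[0]) {
- /* update per family and both families present */
- return talloc_asprintf_append(update_msg,
- "%s"
- "send\n"
- "%s"
- "send\n",
- updateipv4,
- updateipv6);
- }
-
 return talloc_asprintf_append(update_msg,
 "%s"
- "%s"
- "send\n",
+ "%s",
 updateipv4,
 updateipv6);
 }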
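Review bot: The only `send` left for PTR data is the one fused into the two `update add` format strings, because the trailing `"send\n"` was dropped from the final `talloc_asprintf_append`; a record that gets an `update delete ... in PTR` line without a following add would be left unsent or folded into whatever transaction comes next. Whether such a removal-only path exists is decided above these hunks (nsupdate_msg_add_ptr starts outside them), so this is inferred; if it does, emit `send` after the delete line rather than inside the add string, and add a delete-only expectation to dyndns_test_create_ptr_msg, whose visible expectations only cover delete+add pairs. Independently, in the visible lines the result of the add-line `talloc_asprintf_append` goes straight to `break;` unchecked, so on allocation failure a NULL `updateipv4` or `updateipv6` reaches `"%s"` in the return; a guard such as `if (updateipv4 == NULL || updateipv6 == NULL) return NULL;` before the final append would keep a malformed update from being built.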
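--- a/src/tests/cmocka/test_dyndns.c
+++ b/src/tests/cmocka/test_dyndns.c
@@ -663,11 +663,13 @@ void dyndns_test_create_ptr_msg(void **state)
 assert_string_equal(msg,
 "\nupdate delete 1.0.168.192.in-addr.arpa. in PTR\n"
 "update add 1.0.168.192.in-addr.arpa. 1234 in PTR bran_stark.\n"
+ "send\n"
 "update delete 2.0.168.192.in-addr.arpa. in PTR\n"
 "update add 2.0.168.192.in-addr.arpa. 1234 in PTR bran_stark.\n"
 "send\n"
 "update delete 4.4.4.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.a.b.d.c.1.0.0.2.ip6.arpa. in PTR\n"
 "update add 4.4.4.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.a.b.d.c.1.0.0.2.ip6.arpa. 1234 in PTR bran_stark.\n"
+ "send\n"
 "update delete 5.5.5.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.a.b.d.c.1.0.0.2.ip6.arpa. in PTR\n"
 "update add 5.5.5.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.a.b.d.c.1.0.0.2.ip6.arpa. 1234 in PTR bran_stark.\n"
 "send\n");
@@ -680,10 +682,13 @@ void dyndns_test_create_ptr_msg(void **state)
 assert_string_equal(msg,
 "\nupdate delete 1.0.168.192.in-addr.arpa. in PTR\n"
 "update add 1.0.168.192.in-addr.arpa. 1234 in PTR bran_stark.\n"
+ "send\n"
 "update delete 2.0.168.192.in-addr.arpa. in PTR\n"
 "update add 2.0.168.192.in-addr.arpa. 1234 in PTR bran_stark.\n"
+ "send\n"
 "update delete 4.4.4.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.a.b.d.c.1.0.0.2.ip6.arpa. in PTR\n"
 "update add 4.4.4.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.a.b.d.c.1.0.0.2.ip6.arpa. 1234 in PTR bran_stark.\n"
+ "send\n"
 "update delete 5.5.5.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.a.b.d.c.1.0.0.2.ip6.arpa. in PTR\n"
 "update add 5.5.5.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.a.b.d.c.1.0.0.2.ip6.arpa. 1234 in PTR bran_stark.\n"
 "send\n");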
--
2.33.0