From a48c7445d1abbd78d428e000a6889c8f0a154de6 Mon Sep 17 00:00:00 2001 From: Tomas Halman Date: Tue, 26 Sep 2023 11:05:13 +0200 Subject: [PATCH] dyndns: PTR record updates separately DNS server does not allow updates for different zones in one single step. Those updates must be sent separately. It is complicated and in some cases impossible to detect that PTR updates does not fit into one zone because it often depends on DNS server configuration. With this patch PTR record updates are always sent separately. Resolves: https://github.com/SSSD/sssd/issues/6956 Reviewed-by: Dan Lavu Reviewed-by: Justin Stephenson (cherry picked from commit f0bba9d5178d18e7b08aaa58375916d111dfeb59) --- src/man/sssd-ad.5.xml | 5 +++++ src/man/sssd-ipa.5.xml | 5 +++++ src/providers/be_dyndns.c | 18 +++--------------- src/tests/cmocka/test_dyndns.c | 5 +++++ 4 files changed, 18 insertions(+), 15 deletions(-) diff --git a/src/man/sssd-ad.5.xml b/src/man/sssd-ad.5.xml index 65778124bfc..082e97e523b 100644 --- a/src/man/sssd-ad.5.xml +++ b/src/man/sssd-ad.5.xml @@ -1262,6 +1262,11 @@ ad_gpo_map_deny = +my_pam_service updated when updating the client's DNS records. Applicable only when dyndns_update is true. + + Note that dyndns_update_per_family + parameter does not apply for PTR record updates. + Those updates are always sent separately. + Default: True diff --git a/src/man/sssd-ipa.5.xml b/src/man/sssd-ipa.5.xml index aa6ff238000..4802ce866e4 100644 --- a/src/man/sssd-ipa.5.xml +++ b/src/man/sssd-ipa.5.xml @@ -286,6 +286,11 @@ PTR records automatically when forward records are changed. + + Note that dyndns_update_per_family + parameter does not apply for PTR record updates. + Those updates are always sent separately. + Default: False (disabled) diff --git a/src/providers/be_dyndns.c b/src/providers/be_dyndns.c index 2de9a13a9cd..2c655ef1eeb 100644 --- a/src/providers/be_dyndns.c +++ b/src/providers/be_dyndns.c 
@@ -402,7 +402,7 @@ nsupdate_msg_add_ptr(char *update_msg, struct sss_iface_addr *addresses, } updateipv4 = talloc_asprintf_append(updateipv4, - "update add %s %d in PTR %s.\n", + "update add %s %d in PTR %s.\nsend\n", ptr, ttl, hostname); break; case AF_INET6: @@ -415,7 +415,7 @@ nsupdate_msg_add_ptr(char *update_msg, struct sss_iface_addr *addresses, } } updateipv6 = talloc_asprintf_append(updateipv6, - "update add %s %d in PTR %s.\n", + "update add %s %d in PTR %s.\nsend\n", ptr, ttl, hostname); break; } @@ -426,21 +426,9 @@ nsupdate_msg_add_ptr(char *update_msg, struct sss_iface_addr *addresses, } } - if (update_per_family && updateipv4[0] && updateipv6[0]) { - /* update per family and both families present */ - return talloc_asprintf_append(update_msg, - "%s" - "send\n" - "%s" - "send\n", - updateipv4, - updateipv6); - } - return talloc_asprintf_append(update_msg, "%s" - "%s" - "send\n", + "%s", updateipv4, updateipv6); } diff --git a/src/tests/cmocka/test_dyndns.c b/src/tests/cmocka/test_dyndns.c index 1ef5a90194c..7526c16a86d 100644 --- a/src/tests/cmocka/test_dyndns.c +++ b/src/tests/cmocka/test_dyndns.c @@ -663,11 +663,13 @@ void dyndns_test_create_ptr_msg(void **state) assert_string_equal(msg, "\nupdate delete 1.0.168.192.in-addr.arpa. in PTR\n" "update add 1.0.168.192.in-addr.arpa. 1234 in PTR bran_stark.\n" + "send\n" "update delete 2.0.168.192.in-addr.arpa. in PTR\n" "update add 2.0.168.192.in-addr.arpa. 1234 in PTR bran_stark.\n" "send\n" "update delete 4.4.4.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.a.b.d.c.1.0.0.2.ip6.arpa. in PTR\n" "update add 4.4.4.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.a.b.d.c.1.0.0.2.ip6.arpa. 1234 in PTR bran_stark.\n" + "send\n" "update delete 5.5.5.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.a.b.d.c.1.0.0.2.ip6.arpa. in PTR\n" "update add 5.5.5.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.a.b.d.c.1.0.0.2.ip6.arpa. 1234 in PTR bran_stark.\n" "send\n"); 
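Review bot: In the AF_INET branch of nsupdate_msg_add_ptr the `send` now sits inside the `update add` format string with no comment explaining why, and the AF_INET6 branch in the next hunk (@@ -415) has the same change. A comment above the call would stop a later cleanup from merging the transactions again, for example `/* One send per PTR record: reverse zones can differ per address and one update must not span zones. */`. Each address is now committed independently, so a refused update can leave earlier PTR records changed and later ones stale. Whether the caller reports which record failed is not visible here. The function starts before and ends after this hunk.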
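Review bot: With the `if (update_per_family && updateipv4[0] && updateipv6[0])` branch removed in the @@ -426 hunk, `update_per_family` is no longer read in any line shown for nsupdate_msg_add_ptr, so it looks like a dead parameter. Its declaration is outside the hunk, so confirm this. Either remove it together with its callers or state in the function comment that it is ignored, e.g. `/* update_per_family is ignored here: every PTR record is sent in its own transaction. */`. Separately, the final `talloc_asprintf_append(update_msg, "%s" "%s", updateipv4, updateipv6)` hands both buffers straight to `%s`. If the NULL check after the earlier appends sits in lines outside the hunk this is fine; otherwise add `if (updateipv4 == NULL || updateipv6 == NULL) return NULL;` before it.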
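Review bot: The expected string in this assertion of dyndns_test_create_ptr_msg (@@ -663) is now identical to the one in the next hunk (@@ -680), so the two assertions no longer distinguish anything and can drift apart if only one is edited. Consider one shared constant for both, or at least a comment on the second such as `/* update_per_family must not change PTR output */`. The calls that produce `msg` are outside both hunks, so the differing argument is inferred. Both visible expectations mix IPv4 and IPv6 addresses. A single-family case would pin that the per-record `send` is neither duplicated nor dropped when one family is empty.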
@@ -680,10 +682,13 @@ void dyndns_test_create_ptr_msg(void **state) assert_string_equal(msg, "\nupdate delete 1.0.168.192.in-addr.arpa. in PTR\n" "update add 1.0.168.192.in-addr.arpa. 1234 in PTR bran_stark.\n" + "send\n" "update delete 2.0.168.192.in-addr.arpa. in PTR\n" "update add 2.0.168.192.in-addr.arpa. 1234 in PTR bran_stark.\n" + "send\n" "update delete 4.4.4.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.a.b.d.c.1.0.0.2.ip6.arpa. in PTR\n" "update add 4.4.4.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.a.b.d.c.1.0.0.2.ip6.arpa. 1234 in PTR bran_stark.\n" + "send\n" "update delete 5.5.5.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.a.b.d.c.1.0.0.2.ip6.arpa. in PTR\n" "update add 5.5.5.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.a.b.d.c.1.0.0.2.ip6.arpa. 1234 in PTR bran_stark.\n" "send\n");