The Samba-Bugzilla – Attachment 6136 Details for
Bug 7871
net ads: dynamic dns updates registers wrong list of addresses if "clustering = yes"
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
patchset for master
patchset-bug-7871-master.mbox (text/plain), 7.24 KB, created by
Michael Adam
on 2010-12-16 03:01:12 UTC
(
hide
)
Description:
patchset for master
Filename:
MIME Type:
Creator:
Michael Adam
Created:
2010-12-16 03:01:12 UTC
Size:
7.24 KB
patch
obsolete
>From 7cbba83186c76a2744224d108ebb45a511d3cc76 Mon Sep 17 00:00:00 2001 >From: Michael Adam <obnox@samba.org> >Date: Thu, 2 Dec 2010 00:42:21 +0100 >Subject: [PATCH 1/3] s3:net: disable dynamic dns updates at the end of "net ads join" in a cluster (bug #7871) > >In a clustered environment, registering the set of ip addresses that are >assigned to the interfaces of the node that performs the join does usually >not have the desired effect, since the local interfaces do not carry >complete set of the cluster's public IP addresses. And it can also contain >internal addresses that should not be visible to the outside at all. >In order to do dns updates in a clustererd setup, use net ads dns register. > >This fixes the net ads join part of bug #7871. >--- > source3/utils/net_ads.c | 19 +++++++++++++++++++ > 1 files changed, 19 insertions(+), 0 deletions(-) > >diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c >index 0b2165d..8f0d2fb 100644 >--- a/source3/utils/net_ads.c >+++ b/source3/utils/net_ads.c >@@ -1407,6 +1407,23 @@ int net_ads_join(struct net_context *c, int argc, const char **argv) > } > > #if defined(WITH_DNS_UPDATES) >+ /* >+ * In a clustered environment, don't do dynamic dns updates: >+ * Registering the set of ip addresses that are assigned to >+ * the interfaces of the node that performs the join does usually >+ * not have the desired effect, since the local interfaces do not >+ * carry the complete set of the cluster's public IP addresses. >+ * And it can also contain internal addresses that should not >+ * be visible to the outside at all. >+ * In order to do dns updates in a clustererd setup, use >+ * net ads dns register. >+ */ >+ if (lp_clustering()) { >+ d_fprintf(stderr, _("Not doing automatic DNS update in a" >+ "clustered setup.\n")); >+ goto done; >+ } >+ > if (r->out.domain_is_ad) { > /* We enter this block with user creds */ > ADS_STRUCT *ads_dns = NULL; >@@ -1433,6 +1450,8 @@ int net_ads_join(struct net_context *c, int argc, const char **argv) > ads_destroy(&ads_dns); > } > #endif >+ >+done: > TALLOC_FREE(r); > TALLOC_FREE( ctx ); > >-- >1.6.3.3 > > >From 11898d4643dd53839e769ef7122f3a6361779c9f Mon Sep 17 00:00:00 2001 >From: Michael Adam <obnox@samba.org> >Date: Thu, 16 Dec 2010 00:52:41 +0100 >Subject: [PATCH 2/3] s3:net: add net_update_dns_ext() that accepts a list of addresses as parameter (bug# 7871) > >This generalized form of net_update_dns() will be used to >add support for specifying a list of addresses on the commandline >of "net ads dns register". > >This prepares the "net ads dns register" part of the fix for bug #7871. >--- > source3/utils/net_ads.c | 39 +++++++++++++++++++++++++++------------ > 1 files changed, 27 insertions(+), 12 deletions(-) > >diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c >index 8f0d2fb..2d418c4 100644 >--- a/source3/utils/net_ads.c >+++ b/source3/utils/net_ads.c >@@ -1216,10 +1216,12 @@ done: > return status; > } > >-static NTSTATUS net_update_dns(TALLOC_CTX *mem_ctx, ADS_STRUCT *ads, const char *hostname) >+static NTSTATUS net_update_dns_ext(TALLOC_CTX *mem_ctx, ADS_STRUCT *ads, >+ const char *hostname, >+ struct sockaddr_storage *iplist, >+ int num_addrs) > { >- int num_addrs; >- struct sockaddr_storage *iplist = NULL; >+ struct sockaddr_storage *iplist_alloc = NULL; > fstring machine_name; > NTSTATUS status; > >@@ -1230,19 +1232,32 @@ static NTSTATUS net_update_dns(TALLOC_CTX *mem_ctx, ADS_STRUCT *ads, const char > } > strlower_m( machine_name ); > >- /* Get our ip address (not the 127.0.0.x address but a real ip >- * address) */ >- >- num_addrs = get_my_ip_address( &iplist ); >- if ( num_addrs <= 0 ) { >- DEBUG(4,("net_update_dns: Failed to find my non-loopback IP " >- "addresses!\n")); >- return NT_STATUS_INVALID_PARAMETER; >+ if (num_addrs == 0 || iplist == NULL) { >+ /* >+ * Get our ip address >+ * (not the 127.0.0.x address but a real ip address) >+ */ >+ num_addrs = get_my_ip_address(&iplist_alloc); >+ if ( num_addrs <= 0 ) { >+ DEBUG(4, ("net_update_dns_ext: Failed to find my " >+ "non-loopback IP addresses!\n")); >+ return NT_STATUS_INVALID_PARAMETER; >+ } >+ iplist = iplist_alloc; > } > > status = net_update_dns_internal(mem_ctx, ads, machine_name, > iplist, num_addrs); >- SAFE_FREE( iplist ); >+ >+ SAFE_FREE(iplist_alloc); >+ return status; >+} >+ >+static NTSTATUS net_update_dns(TALLOC_CTX *mem_ctx, ADS_STRUCT *ads, const char *hostname) >+{ >+ NTSTATUS status; >+ >+ status = net_update_dns_ext(mem_ctx, ads, hostname, NULL, 0); > return status; > } > #endif >-- >1.6.3.3 > > >From 60a3c3c935bcb4a1af04241a8c9232e0ad296b5b Mon Sep 17 00:00:00 2001 >From: Michael Adam <obnox@samba.org> >Date: Thu, 16 Dec 2010 01:49:14 +0100 >Subject: [PATCH 3/3] s3:net ads dns register: add support for specifying addresse on the commandline (bug #7871) > >In the clustering case, this is also made the only possiblity to do dns updates, >since the list addresses on the local interfaces is not suitable in that case. > >This fixes the "net ads dns register" part of bug #7871. >It might be extended by a parsing of the "cluster addresses" setting. >--- > source3/utils/net_ads.c | 42 +++++++++++++++++++++++++++++++++++++++--- > 1 files changed, 39 insertions(+), 3 deletions(-) > >diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c >index 2d418c4..da33931 100644 >--- a/source3/utils/net_ads.c >+++ b/source3/utils/net_ads.c >@@ -1490,15 +1490,27 @@ static int net_ads_dns_register(struct net_context *c, int argc, const char **ar > #if defined(WITH_DNS_UPDATES) > ADS_STRUCT *ads; > ADS_STATUS status; >+ NTSTATUS ntstatus; > TALLOC_CTX *ctx; >+ const char *hostname = NULL; >+ struct sockaddr_storage *addrs = NULL; >+ int num_addrs = 0; >+ int count; > > #ifdef DEVELOPER > talloc_enable_leak_report(); > #endif > >- if (argc > 1 || c->display_usage) { >+ if (argc <= 1 && lp_clustering()) { >+ d_fprintf(stderr, _("Refusing DNS updates with automatic " >+ "detection of addresses in a clustered " >+ "setup.\n")); >+ c->display_usage = true; >+ } >+ >+ if (c->display_usage) { > d_printf( "%s\n" >- "net ads dns register [hostname]\n" >+ "net ads dns register [hostname [IP [IP...]]]\n" > " %s\n", > _("Usage:"), > _("Register hostname with DNS\n")); >@@ -1510,6 +1522,29 @@ static int net_ads_dns_register(struct net_context *c, int argc, const char **ar > return -1; > } > >+ if (argc >= 1) { >+ hostname = argv[0]; >+ } >+ >+ if (argc > 1) { >+ num_addrs = argc - 1; >+ addrs = talloc_zero_array(ctx, struct sockaddr_storage, num_addrs); >+ if (addrs == NULL) { >+ d_fprintf(stderr, _("Error allocating memory!\n")); >+ return -1; >+ } >+ } >+ >+ for (count = 0; count < num_addrs; count++) { >+ if (!interpret_string_addr(&addrs[count], argv[count+1], 0)) { >+ d_fprintf(stderr, "%s '%s'.\n", >+ _("Cannot interpret address"), >+ argv[count+1]); >+ talloc_free(ctx); >+ return -1; >+ } >+ } >+ > status = ads_startup(c, true, &ads); > if ( !ADS_ERR_OK(status) ) { > DEBUG(1, ("error on ads_startup: %s\n", ads_errstr(status))); >@@ -1517,7 +1552,8 @@ static int net_ads_dns_register(struct net_context *c, int argc, const char **ar > return -1; > } > >- if ( !NT_STATUS_IS_OK(net_update_dns(ctx, ads, argc == 1 ? argv[0] : NULL)) ) { >+ ntstatus = net_update_dns_ext(ctx, ads, hostname, addrs, num_addrs); >+ if (!NT_STATUS_IS_OK(ntstatus)) { > d_fprintf( stderr, _("DNS update failed!\n") ); > ads_destroy( &ads ); > TALLOC_FREE( ctx ); >-- >1.6.3.3 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Actions:
View
Attachments on
bug 7871
: 6136 |
6151