[Freeipa-devel] [PATCH 0207] Do not load invalid zones
Petr Spacek
pspacek at redhat.com
Fri Dec 13 16:45:06 UTC 2013
On 27.11.2013 16:34, Petr Spacek wrote:
> Hello,
>
> Do not load invalid zones.
>
> Without this patch, it was possible to load an invalid zone without
> proper SOA or NS records because the fake SOA and NS records allowed
> checks in dns_zone_load() to pass.
>
> With this patch, no fake SOA or NS records are created and
> dns_zone_load() is not called before end of the initial synchronization.
>
> See the function ldapdb_associate() in ldap_driver.c and it's comments.
Patch 207 v2 fixes reconnecting to LDAP.
dns_db_detachnode() call in update_record() function was moved to the cleanup
section - this is workaround for ISC bug #35080.
This patch should go to master branch.
--
Petr^2 Spacek
-------------- next part --------------
A non-text attachment was scrubbed...
Name: bind-dyndb-ldap-pspacek-0207-2-Do-not-load-invalid-zones.patch
Type: text/x-patch
Size: 24727 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20131213/a209426b/attachment.bin>
More information about the Freeipa-devel
mailing list