[SCM] Samba Shared Repository - branch master updated

Stefan Metzmacher metze at samba.org
Fri Dec 17 08:50:02 MST 2010 

The branch, master has been updated
       via  1dc2fa7 s3:net ads dns register: use "cluster addresses" option if configured (bug #7871)
       via  5e83a05 s3:net ads dns register: add support for specifying addresse on the commandline (bug #7871)
       via  4d91f98 s3:net: add net_update_dns_ext() that accepts a list of addresses as parameter (bug# 7871)
       via  b8f19df s3:net: disable dynamic dns updates at the end of "net ads join" in a cluster (bug #7871)
       via  b3d4b20 util_net: fix a comment typo in interpret_string_addr_internal()
      from  10eaad2 libcli/security: remove unused variable.

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 1dc2fa7616207a2d3a9f1cbe69b2ec1fc61634fd
Author: Stefan Metzmacher <metze at samba.org>
Date:   Thu Dec 16 12:07:24 2010 +0100

    s3:net ads dns register: use "cluster addresses" option if configured (bug #7871)
    
    metze
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    
    Autobuild-User: Stefan Metzmacher <metze at samba.org>
    Autobuild-Date: Fri Dec 17 16:49:14 CET 2010 on sn-devel-104

commit 5e83a05009787d8a2086db1adc1ed58d61b3725d
Author: Michael Adam <obnox at samba.org>
Date:   Thu Dec 16 01:49:14 2010 +0100

    s3:net ads dns register: add support for specifying addresse on the commandline (bug #7871)
    
    In the clustering case, this is also made the only possiblity to do dns updates,
    since the list addresses on the local interfaces is not suitable in that case.
    
    This fixes the "net ads dns register" part of bug #7871.
    It might be extended by a parsing of the "cluster addresses" setting.
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>

commit 4d91f98b433e07922373bf4e3ba9668b7af71a00
Author: Michael Adam <obnox at samba.org>
Date:   Thu Dec 16 00:52:41 2010 +0100

    s3:net: add net_update_dns_ext() that accepts a list of addresses as parameter (bug# 7871)
    
    This generalized form of net_update_dns() will be used to
    add support for specifying a list of addresses on the commandline
    of "net ads dns register".
    
    This prepares the "net ads dns register" part of the fix for bug #7871.
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>

commit b8f19df53e66bf0260b4ae6c49acea87ac379deb
Author: Michael Adam <obnox at samba.org>
Date:   Thu Dec 2 00:42:21 2010 +0100

    s3:net: disable dynamic dns updates at the end of "net ads join" in a cluster (bug #7871)
    
    In a clustered environment, registering the set of ip addresses that are
    assigned to the interfaces of the node that performs the join does usually
    not have the desired effect, since the local interfaces do not carry
    complete set of the cluster's public IP addresses.  And it can also contain
    internal addresses that should not be visible to the outside at all.
    In order to do dns updates in a clustererd setup, use net ads dns register.
    
    This fixes the net ads join part of bug #7871.
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>

commit b3d4b2052534395c97cd959db5db87f78d108d4e
Author: Michael Adam <obnox at samba.org>
Date:   Thu Dec 16 00:24:00 2010 +0100

    util_net: fix a comment typo in interpret_string_addr_internal()
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>

-----------------------------------------------------------------------

Summary of changes:
 lib/util/util_net.c     |    2 +-
 source3/utils/net_ads.c |  109 ++++++++++++++++++++++++++++++++++++++++------
 2 files changed, 95 insertions(+), 16 deletions(-)


Changeset truncated at 500 lines:

diff --git a/lib/util/util_net.c b/lib/util/util_net.c
index 00a5ee4..8a9b5b1 100644
--- a/lib/util/util_net.c
+++ b/lib/util/util_net.c
@@ -57,7 +57,7 @@ bool interpret_string_addr_internal(struct addrinfo **ppres,
 	hints.ai_flags = flags;
 
 	/* Linux man page on getaddrinfo() says port will be
-	   uninitialized when service string in NULL */
+	   uninitialized when service string is NULL */
 
 	ret = getaddrinfo(str, NULL,
 			&hints,
diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c
index 0b2165d..daf2602 100644
--- a/source3/utils/net_ads.c
+++ b/source3/utils/net_ads.c
@@ -1216,10 +1216,12 @@ done:
 	return status;
 }
 
-static NTSTATUS net_update_dns(TALLOC_CTX *mem_ctx, ADS_STRUCT *ads, const char *hostname)
+static NTSTATUS net_update_dns_ext(TALLOC_CTX *mem_ctx, ADS_STRUCT *ads,
+				   const char *hostname,
+				   struct sockaddr_storage *iplist,
+				   int num_addrs)
 {
-	int num_addrs;
-	struct sockaddr_storage *iplist = NULL;
+	struct sockaddr_storage *iplist_alloc = NULL;
 	fstring machine_name;
 	NTSTATUS status;
 
@@ -1230,19 +1232,32 @@ static NTSTATUS net_update_dns(TALLOC_CTX *mem_ctx, ADS_STRUCT *ads, const char
 	}
 	strlower_m( machine_name );
 
-	/* Get our ip address (not the 127.0.0.x address but a real ip
-	 * address) */
-
-	num_addrs = get_my_ip_address( &iplist );
-	if ( num_addrs <= 0 ) {
-		DEBUG(4,("net_update_dns: Failed to find my non-loopback IP "
-			 "addresses!\n"));
-		return NT_STATUS_INVALID_PARAMETER;
+	if (num_addrs == 0 || iplist == NULL) {
+		/*
+		 * Get our ip address
+		 * (not the 127.0.0.x address but a real ip address)
+		 */
+		num_addrs = get_my_ip_address(&iplist_alloc);
+		if ( num_addrs <= 0 ) {
+			DEBUG(4, ("net_update_dns_ext: Failed to find my "
+				  "non-loopback IP addresses!\n"));
+			return NT_STATUS_INVALID_PARAMETER;
+		}
+		iplist = iplist_alloc;
 	}
 
 	status = net_update_dns_internal(mem_ctx, ads, machine_name,
 					 iplist, num_addrs);
-	SAFE_FREE( iplist );
+
+	SAFE_FREE(iplist_alloc);
+	return status;
+}
+
+static NTSTATUS net_update_dns(TALLOC_CTX *mem_ctx, ADS_STRUCT *ads, const char *hostname)
+{
+	NTSTATUS status;
+
+	status = net_update_dns_ext(mem_ctx, ads, hostname, NULL, 0);
 	return status;
 }
 #endif
@@ -1407,6 +1422,23 @@ int net_ads_join(struct net_context *c, int argc, const char **argv)
 	}
 
 #if defined(WITH_DNS_UPDATES)
+	/*
+	 * In a clustered environment, don't do dynamic dns updates:
+	 * Registering the set of ip addresses that are assigned to
+	 * the interfaces of the node that performs the join does usually
+	 * not have the desired effect, since the local interfaces do not
+	 * carry the complete set of the cluster's public IP addresses.
+	 * And it can also contain internal addresses that should not
+	 * be visible to the outside at all.
+	 * In order to do dns updates in a clustererd setup, use
+	 * net ads dns register.
+	 */
+	if (lp_clustering()) {
+		d_fprintf(stderr, _("Not doing automatic DNS update in a"
+				    "clustered setup.\n"));
+		goto done;
+	}
+
 	if (r->out.domain_is_ad) {
 		/* We enter this block with user creds */
 		ADS_STRUCT *ads_dns = NULL;
@@ -1433,6 +1465,8 @@ int net_ads_join(struct net_context *c, int argc, const char **argv)
 		ads_destroy(&ads_dns);
 	}
 #endif
+
+done:
 	TALLOC_FREE(r);
 	TALLOC_FREE( ctx );
 
@@ -1456,15 +1490,28 @@ static int net_ads_dns_register(struct net_context *c, int argc, const char **ar
 #if defined(WITH_DNS_UPDATES)
 	ADS_STRUCT *ads;
 	ADS_STATUS status;
+	NTSTATUS ntstatus;
 	TALLOC_CTX *ctx;
+	const char *hostname = NULL;
+	const char **addrs_list = NULL;
+	struct sockaddr_storage *addrs = NULL;
+	int num_addrs = 0;
+	int count;
 
 #ifdef DEVELOPER
 	talloc_enable_leak_report();
 #endif
 
-	if (argc > 1 || c->display_usage) {
+	if (argc <= 1 && lp_clustering() && lp_cluster_addresses() == NULL) {
+		d_fprintf(stderr, _("Refusing DNS updates with automatic "
+				    "detection of addresses in a clustered "
+				    "setup.\n"));
+		c->display_usage = true;
+	}
+
+	if (c->display_usage) {
 		d_printf(  "%s\n"
-			   "net ads dns register [hostname]\n"
+			   "net ads dns register [hostname [IP [IP...]]]\n"
 			   "    %s\n",
 			 _("Usage:"),
 			 _("Register hostname with DNS\n"));
@@ -1476,6 +1523,37 @@ static int net_ads_dns_register(struct net_context *c, int argc, const char **ar
 		return -1;
 	}
 
+	if (argc >= 1) {
+		hostname = argv[0];
+	}
+
+	if (argc > 1) {
+		num_addrs = argc - 1;
+		addrs_list = &argv[1];
+	} else if (lp_clustering()) {
+		addrs_list = lp_cluster_addresses();
+		num_addrs = str_list_length(addrs_list);
+	}
+
+	if (num_addrs > 0) {
+		addrs = talloc_zero_array(ctx, struct sockaddr_storage, num_addrs);
+		if (addrs == NULL) {
+			d_fprintf(stderr, _("Error allocating memory!\n"));
+			talloc_free(ctx);
+			return -1;
+		}
+	}
+
+	for (count = 0; count < num_addrs; count++) {
+		if (!interpret_string_addr(&addrs[count], addrs_list[count], 0)) {
+			d_fprintf(stderr, "%s '%s'.\n",
+					  _("Cannot interpret address"),
+					  addrs_list[count]);
+			talloc_free(ctx);
+			return -1;
+		}
+	}
+
 	status = ads_startup(c, true, &ads);
 	if ( !ADS_ERR_OK(status) ) {
 		DEBUG(1, ("error on ads_startup: %s\n", ads_errstr(status)));
@@ -1483,7 +1561,8 @@ static int net_ads_dns_register(struct net_context *c, int argc, const char **ar
 		return -1;
 	}
 
-	if ( !NT_STATUS_IS_OK(net_update_dns(ctx, ads, argc == 1 ? argv[0] : NULL)) ) {
+	ntstatus = net_update_dns_ext(ctx, ads, hostname, addrs, num_addrs);
+	if (!NT_STATUS_IS_OK(ntstatus)) {
 		d_fprintf( stderr, _("DNS update failed!\n") );
 		ads_destroy( &ads );
 		TALLOC_FREE( ctx );


-- 
Samba Shared Repository

More information about the samba-cvs mailing list