Red Hat Bugzilla – Attachment 600007 Details for
Bug 842498
ISC-DHCP server with LDAP configuration does not respect FailOver options
[patch]
Patch without the ldif formatted schema changes.
dhcp-4.2.4-FailOverPeer.patch (text/plain), 13.20 KB, created by
William Brown
on 2012-07-24 12:24:46 UTC
Description:
Patch without the ldif formatted schema changes.
Filename:
MIME Type:
Creator:
William Brown
Created:
2012-07-24 12:24:46 UTC
Size:
13.20 KB
patch
obsolete
>--- dhcp-4.2.4.old/server/ldap.c 2012-07-04 07:25:43.807456040 +0930
>+++ dhcp-4.2.4.work/server/ldap.c 2012-07-23 05:39:33.766054951 +0930
>@@ -222,6 +222,56 @@ parse_netmask (int netmask, char *netmas
> }
>
>
>+static int
>+getfqhostname(char *fqhost, size_t size)
>+{
>+#if defined(MAXHOSTNAMELEN)
>+ char hname[MAXHOSTNAMELEN];
>+#else
>+ char hname[65];
>+#endif
>+ struct hostent *hp;
>+
>+ if(NULL == fqhost || 1 >= size)
>+ return -1;
>+
>+ memset(hname, 0, sizeof(hname));
>+ if( gethostname(hname, sizeof(hname)-1))
>+ return -1;
>+
>+ if(NULL == (hp = gethostbyname(hname)))
>+ return -1;
>+
>+ strncpy(fqhost, hp->h_name, size-1);
>+ fqhost[size-1] = '\0';
>+ return 0;
>+}
>+
>+
>+static int
>+gethostnametoip(char *dst, char *hostname)
>+{
>+ struct addrinfo hints, *servinfo, *p;
>+ struct sockaddr_in *h;
>+ int rv = 0;
>+
>+ memset(&hints, 0, sizeof(hints));
>+ hints.ai_family = AF_UNSPEC; // use AF_INET6 to force IPv6
>+ hints.ai_socktype = SOCK_STREAM;
>+ if ( (rv = getaddrinfo( hostname , "http" , &hints , &servinfo)) != 0)
>+ {
>+ log_error ("getaddrinfo: %s\n", gai_strerror(rv));
>+ return rv;
>+ }
>+ for ( p = servinfo; p != NULL; p = p->ai_next)
>+ {
>+ h = (struct sockaddr_in * ) p->ai_addr;
>+ strcpy(dst, inet_ntoa(h->sin_addr));
>+ }
>+ freeaddrinfo(servinfo);
>+ return 0;
>+}
>+
> static void
> ldap_parse_subnet (struct ldap_config_stack *item, struct parse *cfile)
> {
>@@ -284,6 +334,9 @@ ldap_parse_pool (struct ldap_config_stac
>
> x_strncat (cfile->inbuf, "pool {\n", LDAP_BUFFER_SIZE);
>
>+ // TODO - This should also have a new attribute, dhcpFailOver that lists the failover pool we are in.
>+ // This could be the DN, but we don't want to "accidentaly" follow it, but the DN makes the most sense ...
>+
> if ((tempbv = ldap_get_values_len (ld, item->ldent, "dhcpRange")) != NULL)
> {
> x_strncat (cfile->inbuf, "range", LDAP_BUFFER_SIZE);
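Review bot: In `gethostnametoip` the lookup requests `AF_UNSPEC`, yet every result is cast to `struct sockaddr_in`, so an IPv6 result is read through the wrong structure and `inet_ntoa` formats bytes that are not an IPv4 address. The loop also overwrites `dst` on each iteration, so the last result wins, and `strcpy` writes into a caller buffer whose size the function never sees. Because the output is a dotted quad, restrict the query with `hints.ai_family = AF_INET;`, stop after the first result, and pass the buffer length so the copy can be bounded, e.g. `snprintf(dst, dstlen, "%s", inet_ntoa(h->sin_addr));`. The `"http"` service argument is unrelated to failover and could be `NULL`.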
>@@ -306,6 +359,28 @@ ldap_parse_pool (struct ldap_config_stac
> ldap_value_free_len (tempbv);
> }
>
>+ if ((tempbv = ldap_get_values_len (ld, item->ldent, "dhcpFailOverDN")) != NULL)
>+ {
>+ if (tempbv != NULL && tempbv[0] != NULL)
>+ {
>+#if defined (DEBUG_LDAP)
>+ log_info ("ldap_parse_pool : FailOver DN %s", tempbv[0]->bv_val);
>+#endif
>+ char delims[] = "=,";
>+ char *result = NULL;
>+ result = strtok( tempbv[0]->bv_val, delims );
>+ if (result != NULL)
>+ {
>+ x_strncat (cfile->inbuf, "failover peer \"", LDAP_BUFFER_SIZE);
>+ //We don't need the whole string - we just need the first cn attr from index(tempbv[0]->bv_val, '=') going up to the first ','
>+ x_strncat (cfile->inbuf, strtok( NULL, delims) , LDAP_BUFFER_SIZE);
>+ x_strncat (cfile->inbuf, "\";\n", LDAP_BUFFER_SIZE);
>+ }
>+ }
>+ ldap_value_free_len (tempbv);
>+ }
>+
>+
> item->close_brace = 1;
> }
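Review bot: The second `strtok( NULL, delims)` in the `dhcpFailOverDN` branch is handed straight to `x_strncat`, so a value with no `=` or with nothing after it yields NULL, which the concatenation would presumably dereference. Keep the token in a variable and emit the statement only when it is set: `char *cn = strtok (NULL, delims);` followed by `if (cn != NULL)` around the three `x_strncat` calls. The token is also written between double quotes without checking for `"` or newline characters, so such values should be rejected before they reach the generated configuration. `strtok` keeps static state and edits the LDAP value in place; `strtok_r` avoids the shared state. The enclosing `ldap_parse_pool` starts outside the hunk.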
>
>@@ -415,6 +490,210 @@ ldap_parse_zone (struct ldap_config_stac
>
>
> static void
>+ldap_parse_failoverpeer (struct ldap_config_stack *item, struct parse *cfile)
>+{
>+ struct berval **tempbv, **primary, **secondary, **primaryport, **secondaryport;
>+ struct berval **self, **selfport, **peer, **peerport;
>+ struct berval **split, **responsedelay, **unackedupdates, **clientleadtime, **hashbucket;
>+ struct berval **loadbalancetime, **comments;
>+ char fqdn[257], ip[100], peerip[100];
>+ char hostname[257];
>+ int role = 0;
>+ struct utsname unme;
>+
>+ if ((tempbv = ldap_get_values_len (ld, item->ldent, "cn")) == NULL ||
>+ tempbv[0] == NULL)
>+ {
>+ if (tempbv != NULL)
>+ ldap_value_free_len (tempbv);
>+
>+ return;
>+ }
>+
>+ //These are mandatory
>+ primary = ldap_get_values_len (ld, item->ldent, "dhcpFailOverPrimaryServer");
>+ secondary = ldap_get_values_len (ld, item->ldent, "dhcpFailOverSecondaryServer");
>+ primaryport = ldap_get_values_len (ld, item->ldent, "dhcpFailOverPrimaryPort");
>+ secondaryport = ldap_get_values_len (ld, item->ldent, "dhcpFailOverSecondaryPort");
>+ split = ldap_get_values_len (ld, item->ldent, "dhcpFailOverSplit");
>+ //These are optional
>+ responsedelay = ldap_get_values_len (ld, item->ldent, "dhcpFailOverResponseDelay");
>+ unackedupdates = ldap_get_values_len (ld, item->ldent, "dhcpFailOverUnackedUpdates");
>+ clientleadtime = ldap_get_values_len (ld, item->ldent, "dhcpMaxClientLeadTime");
>+ hashbucket = ldap_get_values_len (ld, item->ldent, "dhcpHashBucketAssignment");
>+ loadbalancetime = ldap_get_values_len (ld, item->ldent, "dhcpFailOverLoadBalanceTime");
>+ //Should we bother with this .... ?
>+ comments = ldap_get_values_len (ld, item->ldent, "dhcpComments");
>+
>+ // We should be a bit more robust - lets check we have all the options we need before we
>+ // Jump in and start configuring things.
>+
>+ if ( primary != NULL &&
>+ primary[0] != NULL &&
>+ secondary != NULL &&
>+ secondary[0] != NULL &&
>+ primaryport != NULL &&
>+ primaryport[0] != NULL &&
>+ secondaryport != NULL &&
>+ secondaryport[0] != NULL &&
>+ split != NULL &&
>+ split[0] != NULL &&
>+ clientleadtime != NULL &&
>+ clientleadtime[0] != NULL )
>+ {
>+
>+ //We need to know our FQDN, to match against the primary / secondary item
>+ // We always seem to have unme.nodename avaliable, but use fqdn if we can
>+ if(0 == getfqhostname(fqdn, sizeof(fqdn)))
>+ {
>+ strcpy(hostname, fqdn);
>+ }
>+ else
>+ {
>+ strcpy(hostname, unme.nodename);
>+ }
>+#if defined (DEBUG_LDAP)
>+ log_info ("ldap_parse_failoverpeer : hostname = %s " , hostname);
>+#endif
>+
>+ if(gethostnametoip(ip, hostname) != 0)
>+ {
>+ return;
>+ }
>+
>+ if ( (strcmp(hostname, primary[0]->bv_val) == 0) ||
>+ (strcmp(ip, primary[0]->bv_val) == 0 ) )
>+ {
>+#if defined (DEBUG_LDAP)
>+ log_info ("ldap_parse_failoverpeer : primary server");
>+#endif
>+ role = 1;
>+ self = primary;
>+ selfport = primaryport;
>+ peer = secondary;
>+ peerport = secondaryport;
>+ }
>+ else if ( (strcmp(hostname, secondary[0]->bv_val) == 0) ||
>+ (strcmp(ip, secondary[0]->bv_val) == 0 ))
>+ {
>+#if defined (DEBUG_LDAP)
>+ log_info ("ldap_parse_failoverpeer : secondary server");
>+#endif
>+ role = 2;
>+ self = secondary;
>+ selfport = secondaryport;
>+ peer = primary;
>+ peerport = primaryport;
>+ }
>+
>+ if (role > 0)
>+ {
>+ if(gethostnametoip(peerip, peer[0]->bv_val) != 0)
>+ {
>+ log_info ("ldap_parse_failoverpeer : Error resolving failover peer");
>+ return;
>+ }
>+ // We don't even start writing config unless we know that we are
>+ // a primary or a secondary
>+
>+ x_strncat (cfile->inbuf, "failover peer \"", LDAP_BUFFER_SIZE);
>+ x_strncat (cfile->inbuf, tempbv[0]->bv_val, LDAP_BUFFER_SIZE);
>+ x_strncat (cfile->inbuf, "\" {\n" , LDAP_BUFFER_SIZE);
>+ if (role == 1)
>+ {
>+ x_strncat (cfile->inbuf, "primary;\n", LDAP_BUFFER_SIZE);
>+ }
>+ else if (role == 2)
>+ {
>+ x_strncat (cfile->inbuf, "secondary;\n", LDAP_BUFFER_SIZE);
>+ }
>+
>+ x_strncat (cfile->inbuf, "address ", LDAP_BUFFER_SIZE);
>+ x_strncat (cfile->inbuf, ip, LDAP_BUFFER_SIZE);
>+ x_strncat (cfile->inbuf, ";\n", LDAP_BUFFER_SIZE);
>+
>+ x_strncat (cfile->inbuf, "port ", LDAP_BUFFER_SIZE);
>+ x_strncat (cfile->inbuf, selfport[0]->bv_val, LDAP_BUFFER_SIZE);
>+ x_strncat (cfile->inbuf, ";\n", LDAP_BUFFER_SIZE);
>+
>+ x_strncat (cfile->inbuf, "peer address ", LDAP_BUFFER_SIZE);
>+ x_strncat (cfile->inbuf, peerip, LDAP_BUFFER_SIZE);
>+ x_strncat (cfile->inbuf, ";\n", LDAP_BUFFER_SIZE);
>+
>+ x_strncat (cfile->inbuf, "peer port ", LDAP_BUFFER_SIZE);
>+ x_strncat (cfile->inbuf, peerport[0]->bv_val, LDAP_BUFFER_SIZE);
>+ x_strncat (cfile->inbuf, ";\n", LDAP_BUFFER_SIZE);
>+
>+ if (role == 1)
>+ {
>+ x_strncat (cfile->inbuf, "split ", LDAP_BUFFER_SIZE);
>+ x_strncat (cfile->inbuf, split[0]->bv_val, LDAP_BUFFER_SIZE);
>+ x_strncat (cfile->inbuf, ";\n", LDAP_BUFFER_SIZE);
>+
>+ x_strncat (cfile->inbuf, "mclt ", LDAP_BUFFER_SIZE);
>+ x_strncat (cfile->inbuf, clientleadtime[0]->bv_val, LDAP_BUFFER_SIZE);
>+ x_strncat (cfile->inbuf, ";\n", LDAP_BUFFER_SIZE);
>+ }
>+
>+ if (responsedelay != NULL && responsedelay[0] != NULL)
>+ {
>+ x_strncat (cfile->inbuf, "max-response-delay ", LDAP_BUFFER_SIZE);
>+ x_strncat (cfile->inbuf, responsedelay[0]->bv_val, LDAP_BUFFER_SIZE);
>+ x_strncat (cfile->inbuf, ";\n", LDAP_BUFFER_SIZE);
>+ }
>+
>+ if (unackedupdates != NULL && unackedupdates[0] != NULL)
>+ {
>+ x_strncat (cfile->inbuf, "max-unacked-updates ", LDAP_BUFFER_SIZE);
>+ x_strncat (cfile->inbuf, unackedupdates[0]->bv_val, LDAP_BUFFER_SIZE);
>+ x_strncat (cfile->inbuf, ";\n", LDAP_BUFFER_SIZE);
>+ }
>+
>+ //TODO - What is the dhcpd.conf option for this?
>+ //if (hashbucket != NULL && hashbucket[0] != NULL)
>+ // {
>+ // x_strncat (cfile->inbuf, "max-response-delay ", LDAP_BUFFER_SIZE);
>+ // x_strncat (cfile->inbuf, hashbucket[0]->bv_val, LDAP_BUFFER_SIZE);
>+ // x_strncat (cfile->inbuf, ";\n", LDAP_BUFFER_SIZE);
>+ // }
>+
>+ if (loadbalancetime != NULL && loadbalancetime[0] != NULL)
>+ {
>+ x_strncat (cfile->inbuf, "load balance max seconds ", LDAP_BUFFER_SIZE);
>+ x_strncat (cfile->inbuf, loadbalancetime[0]->bv_val, LDAP_BUFFER_SIZE);
>+ x_strncat (cfile->inbuf, ";\n", LDAP_BUFFER_SIZE);
>+ }
>+
>+ if (comments != NULL && comments[0] != NULL)
>+ {
>+ x_strncat (cfile->inbuf, "## ", LDAP_BUFFER_SIZE);
>+ x_strncat (cfile->inbuf, comments[0]->bv_val, LDAP_BUFFER_SIZE);
>+ x_strncat (cfile->inbuf, "\n", LDAP_BUFFER_SIZE);
>+ }
>+ item->close_brace = 1;
>+ }
>+ else
>+ {
>+ log_info ("ldap_parse_failoverpeer : Server does not match primary or secondary failover server, or split information missing");
>+ }
>+
>+ }
>+
>+ ldap_value_free_len (primary);
>+ ldap_value_free_len (secondary);
>+ ldap_value_free_len (primaryport);
>+ ldap_value_free_len (secondaryport);
>+ ldap_value_free_len (tempbv);
>+ ldap_value_free_len (split);
>+ ldap_value_free_len (responsedelay);
>+ ldap_value_free_len (unackedupdates);
>+ ldap_value_free_len (clientleadtime);
>+ ldap_value_free_len (hashbucket);
>+ ldap_value_free_len (loadbalancetime);
>+ ldap_value_free_len (comments);
>+}
>+
>+static void
> add_to_config_stack (LDAPMessage * res, LDAPMessage * ent)
> {
> struct ldap_config_stack *ns;
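Review bot: `struct utsname unme` is declared in `ldap_parse_failoverpeer` but no `uname(&unme)` call is visible in the hunk, so the fallback `strcpy(hostname, unme.nodename)` copies uninitialised stack data, unbounded, into `hostname`. The two early `return;` statements after a failed `gethostnametoip` also skip every `ldap_value_free_len` call at the end of the function, leaking all the attribute values fetched above. Filling `unme` before use, bounding the copies, and routing both failures to one cleanup label addresses both problems. Separately, `self` is assigned but never read, and the commented-out `hashbucket` block could be reduced to the TODO line.

```c
/* … unchanged: declarations, attribute fetches, mandatory-attribute check … */
if (0 == getfqhostname (fqdn, sizeof (fqdn)))
  snprintf (hostname, sizeof (hostname), "%s", fqdn);
else if (uname (&unme) == 0)
  snprintf (hostname, sizeof (hostname), "%s", unme.nodename);
else
  goto cleanup;
/* … unchanged: DEBUG_LDAP hostname log … */
if (gethostnametoip (ip, hostname) != 0)
  goto cleanup;
/* … unchanged: role detection … */
if (gethostnametoip (peerip, peer[0]->bv_val) != 0)
  {
    log_info ("ldap_parse_failoverpeer : Error resolving failover peer");
    goto cleanup;
  }
/* … unchanged: config generation … */
cleanup:
  /* … unchanged: ldap_value_free_len calls … */
```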
>@@ -1150,7 +1429,9 @@ ldap_generate_config_string (struct pars
> found = 1;
> for (i=0; objectClass[i] != NULL; i++)
> {
>- if (strcasecmp (objectClass[i]->bv_val, "dhcpSharedNetwork") == 0)
>+ if (strcasecmp (objectClass[i]->bv_val, "dhcpFailOverPeer") == 0)
>+ ldap_parse_failoverpeer (entry, cfile);
>+ else if (strcasecmp (objectClass[i]->bv_val, "dhcpSharedNetwork") == 0)
> ldap_parse_shared_network (entry, cfile);
> else if (strcasecmp (objectClass[i]->bv_val, "dhcpClass") == 0)
> ldap_parse_class (entry, cfile);
>@@ -1322,32 +1603,6 @@ ldap_get_host_name (LDAPMessage * ent)
> }
>
>
>-static int
>-getfqhostname(char *fqhost, size_t size)
>-{
>-#if defined(MAXHOSTNAMELEN)
>- char hname[MAXHOSTNAMELEN];
>-#else
>- char hname[65];
>-#endif
>- struct hostent *hp;
>-
>- if(NULL == fqhost || 1 >= size)
>- return -1;
>-
>- memset(hname, 0, sizeof(hname));
>- if( gethostname(hname, sizeof(hname)-1))
>- return -1;
>-
>- if(NULL == (hp = gethostbyname(hname)))
>- return -1;
>-
>- strncpy(fqhost, hp->h_name, size-1);
>- fqhost[size-1] = '\0';
>- return 0;
>-}
>-
>-
> isc_result_t
> ldap_read_config (void)
> {
>--- dhcp-4.2.4.old/contrib/ldap/dhcp.schema 2010-03-26 01:57:16.000000000 +1030
>+++ dhcp-4.2.4.work/contrib/ldap/dhcp.schema 2012-07-22 18:25:30.566520687 +0930
>@@ -334,6 +334,12 @@ attributetype ( 2.16.840.1.113719.1.203.
> DESC 'Generic attribute that allows coments within any DHCP object'
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
>
>+attributetype ( 2.16.840.1.113719.1.203.4.57
>+ NAME 'dhcpFailOverDN'
>+ EQUALITY distinguishedNameMatch
>+ DESC 'The DN of the FailOver group that a shared IP pool will use.'
>+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
>+
> # Classes
>
> objectclass ( 2.16.840.1.113719.1.203.6.1
>@@ -362,7 +368,7 @@ objectclass ( 2.16.840.1.113719.1.203.6.
> DESC 'This stores configuration information about a pool.'
> SUP top
> MUST ( cn $ dhcpRange )
>- MAY ( dhcpClassesDN $ dhcpPermitList $ dhcpLeasesDN $ dhcpOptionsDN $ dhcpZoneDN $dhcpKeyDN $ dhcpStatements $ dhcpComments $ dhcpOption )
>+ MAY ( dhcpClassesDN $ dhcpPermitList $ dhcpLeasesDN $ dhcpOptionsDN $ dhcpZoneDN $dhcpKeyDN $ dhcpStatements $ dhcpComments $ dhcpOption $ dhcpFailOverDN )
> X-NDS_CONTAINMENT ('dhcpSubnet' 'dhcpSharedNetwork') )
>
> objectclass ( 2.16.840.1.113719.1.203.6.5