This service will be undergoing maintenance at 00:00 UTC, 2017-10-23 It is expected to last about 30 minutes
Bug 962814 - PTR record synchronization doesn't work with IPv6 addresses
PTR record synchronization doesn't work with IPv6 addresses
Status: CLOSED CURRENTRELEASE
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: bind-dyndb-ldap (Show other bugs)
7.0
Unspecified Unspecified
medium Severity unspecified
: rc
: ---
Assigned To: Petr Spacek
Namita Soman
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2013-05-14 09:33 EDT by Dmitri Pal
Modified: 2015-01-21 10:41 EST (History)
2 users (show)

See Also:
Fixed In Version: bind-dyndb-ldap-3.5-1.el7
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2014-06-13 06:57:06 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Dmitri Pal 2013-05-14 09:33:04 EDT
This bug is created as a clone of upstream ticket:
https://fedorahosted.org/bind-dyndb-ldap/ticket/118

bind-dyndb-ldap uses function that does NOT support IPv6 addresses.

Namely in ldap_helper.c:2804 -> function modify_ldap_common() uses function inet_addr() to convert IP address from string to struct in_addr_t.

Struct in_addr_t is used to store IPv4 address and does not support IPv6 addresses. Also function inet_addr() supports only IPv4 addresses.

To support IPv4 and IPv6 addresses you should use inet_pton() instead of inet_addr(), and also make necessary changes to the code to use struct capable of storing IPv6 address.

If you would like to read more information about porting IPv4 code to support also IPv6, you can check http://uw714doc.sco.com/en/SDK_netapi/sockC.PortIPv4appIPv6.html.
Comment 1 Namita Soman 2013-05-15 08:59:07 EDT
Please provide steps to verify......thanks!
Comment 2 Petr Spacek 2013-05-15 09:06:10 EDT
Steps to reproduce and in the upstream ticket:
https://fedorahosted.org/bind-dyndb-ldap/ticket/118#comment:2

Just configure one forward and one reverse zone (as for any other test related to PTR record sychronization) and try do nsupdate with IPv6 address belonging to the reverse zone.
Comment 3 Petr Spacek 2013-05-29 07:36:23 EDT
Upstream ticket was closed
Comment 4 Xiyang Dong 2014-01-31 14:32:18 EST
Verified on :
ipa-server-3.3.3-6.el7.x86_64

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: bz962814 - PTR record synchronization doesn't work with IPv6 addresses 
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [ 14:22:47 ] ::  execute expect file: /tmp/kinit.18525.exp

set timeout 30
set force_conservative 0 
set send_slow {1 .001} 
spawn /usr/bin/kinit -V admin
expect Password for *
send -s -- Secret123\r
expect eof 
spawn /usr/bin/kinit -V admin
SeUsing existing cache: persistent:0:0
Using principal: admin@TESTRELM.COM
cret1Password for admin@TESTRELM.COM: 
Authenticated to Kerberos v5
Default principal: admin@TESTRELM.COM
:: [ 14:22:47 ] ::  Success: kinit as [admin] with password [Secret123] was successful.
:: [   PASS   ] :: Kinit as admin user (Expected 0, got 0)
  Zone name: example.com
  Authoritative nameserver: ns
  Administrator e-mail address: hostmaster.example.com.
  SOA serial: 1391196168
  SOA refresh: 3600
  SOA retry: 900
  SOA expire: 1209600
  SOA minimum: 3600
  BIND update policy: grant TESTRELM.COM krb5-self * A; grant TESTRELM.COM krb5-self * AAAA;
                      grant TESTRELM.COM krb5-self * SSHFP;
  Active zone: TRUE
  Dynamic update: FALSE
  Allow query: any;
  Allow transfer: none;
:: [   PASS   ] :: Add test zone (Expected 0, got 0)
  Zone name: 6.0.0.0.5.0.0.0.4.0.0.0.3.0.0.0.2.0.0.0.1.0.0.0.ip6.arpa.
  Authoritative nameserver: ns.example.com.
  Administrator e-mail address: hostmaster.6.0.0.0.5.0.0.0.4.0.0.0.3.0.0.0.2.0.0.0.1.0.0.0.ip6.arpa.
  SOA serial: 1391196170
  SOA refresh: 3600
  SOA retry: 900
  SOA expire: 1209600
  SOA minimum: 3600
  BIND update policy: grant TESTRELM.COM krb5-subdomain
                      6.0.0.0.5.0.0.0.4.0.0.0.3.0.0.0.2.0.0.0.1.0.0.0.ip6.arpa. PTR;
  Active zone: TRUE
  Dynamic update: FALSE
  Allow query: any;
  Allow transfer: none;
:: [   PASS   ] :: Add test reverse zone (Expected 0, got 0)
  Zone name: example.com
  Authoritative nameserver: ns
  Administrator e-mail address: hostmaster.example.com.
  SOA serial: 1391196170
  SOA refresh: 3600
  SOA retry: 900
  SOA expire: 1209600
  SOA minimum: 3600
  Active zone: TRUE
  Dynamic update: TRUE
  Allow query: any;
  Allow transfer: none;
:: [   PASS   ] :: Enable dynamic updates for forward zone (Expected 0, got 0)
  Zone name: example.com
  Authoritative nameserver: ns
  Administrator e-mail address: hostmaster.example.com.
  SOA serial: 1391196170
  SOA refresh: 3600
  SOA retry: 900
  SOA expire: 1209600
  SOA minimum: 3600
  Active zone: TRUE
  Allow query: any;
  Allow transfer: none;
  Allow PTR sync: TRUE
:: [   PASS   ] :: Enable PTR record synchronization (Expected 0, got 0)
  Zone name: 6.0.0.0.5.0.0.0.4.0.0.0.3.0.0.0.2.0.0.0.1.0.0.0.ip6.arpa.
  Authoritative nameserver: ns.example.com.
  Administrator e-mail address: hostmaster.6.0.0.0.5.0.0.0.4.0.0.0.3.0.0.0.2.0.0.0.1.0.0.0.ip6.arpa.
  SOA serial: 1391196170
  SOA refresh: 3600
  SOA retry: 900
  SOA expire: 1209600
  SOA minimum: 3600
  Active zone: TRUE
  Dynamic update: TRUE
  Allow query: any;
  Allow transfer: none;
:: [   PASS   ] :: Enable dynamic updates in reverse zone (Expected 0, got 0)
-----------------------------
Added host "test.example.com"
-----------------------------
  Host name: test.example.com
  Principal name: host/test.example.com@TESTRELM.COM
  Password: False
  Keytab: False
  Managed by: test.example.com
:: [   PASS   ] :: Add host test.example.com (Expected 0, got 0)
Keytab successfully retrieved and stored in: /tmp/tmp.Oa4Z8qm72K/bz962814.keytab
:: [   PASS   ] :: get keytab for test.example.com (Expected 0, got 0)
:: [   PASS   ] :: kinit use principal for test.example.com (Expected 0, got 0)
Reply from SOA query:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id:  52045
;; flags: qr aa rd ra; QUESTION: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;test.example.com.		IN	SOA

;; AUTHORITY SECTION:
example.com.		0	IN	SOA	70master.testrelm.com. hostmaster.example.com. 1391196170 3600 900 1209600 3600

Found zone name: example.com
The master is: 70master.testrelm.com
start_gssrequest
Found realm from ticket: TESTRELM.COM
send_gssrequest
Outgoing update query:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id:  56221
;; flags:; QUESTION: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; QUESTION SECTION:
;1066446545.sig-70master.testrelm.com. ANY TKEY

;; ADDITIONAL SECTION:
1066446545.sig-70master.testrelm.com. 0	ANY TKEY gss-tsig. 1391196175 1391196175 3 NOERROR 643 YIICfwYJKoZIhvcSAQICAQBuggJuMIICaqADAgEFoQMCAQ6iBwMFACAA AACjggFwYYIBbDCCAWigAwIBBaEOGwxURVNUUkVMTS5DT02iJzAloAMC AQGhHjAcGwNETlMbFTcwbWFzdGVyLnRlc3RyZWxtLmNvbaOCASYwggEi oAMCARKhAwIBAqKCARQEggEQygwNyKpH/9oO6BmiXnvWd/bmNEDMOk2z jsHMD26nCyzWrBo+o6BT4R9zNrdYIDRRnSo9st2uO9JPO5iZXTnHeWPe bCLL4SdPdZ45lHoyCq7XGJvn6JzFuUBUr2igGIVr8yK0cPY/f+Ds7/iy EwIj/8YfWalzQJkMqRUBN2E+UU4CFfC6090RIHtswKD8vGwjFzAmSsrJ d2C9jJqIGZFHtudPEPKKVxOOFaNLKy6CUPmRfW4Q4689xnQLs2KqvGzE Ststz2lC5VqQ5OEkMhMTtsECUBKNWMzAqWuUz0FpcVpoDYc7ZqEeL2XD IpVDdCS09OtQoD4aRu3lG+HxMg3ymYJc2hyVmxUByA1AuFgnl7GkgeAw gd2gAwIBEqKB1QSB0na+oTd3Kpe9iEOB4ypCJGyaq8UECDUOenWIYeWh 05cIhmO8vN6lNFBmFkB8iEpzhVPPmiRIS3H2lSRDMorWr/NBIlCv/ZuI 500HMXNNZGS98lZWsuydRx1Ng6xZ5ubayl4V4+0FwZ2M/FPxxjsqzZ2V rGD/XS+jIDGQ71kthQsSbQsxsqK3HXd+ysrAdIJSkPAV8moQuh2tsBGF LM86CF7pmoz5yWVCzDXetFDuBwUvh7oozh+FWaAts7W3O1X1WKEBvPVV XhHPGn7u++ztrysVzw== 0

recvmsg reply from GSS-TSIG query
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id:  56221
;; flags: qr ra; QUESTION: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;1066446545.sig-70master.testrelm.com. ANY TKEY

;; ANSWER SECTION:
1066446545.sig-70master.testrelm.com. 0	ANY TKEY gss-tsig. 1391196175 1391199775 3 NOERROR 156 YIGZBgkqhkiG9xIBAgICAG+BiTCBhqADAgEFoQMCAQ+iejB4oAMCARKi cQRvWC53Ke+yNRgaz0mxfHpo1K4DYBOLCdClBBnO38qWDzKjc2W8ZiQQ b5fJT/LZQJPsQsSo8cyhyCFe4vBX9FK/svVdmbmIPAeLFW4Oti/0npSr G1QdlktPDEc0sUz7UeR/LH69nbg4LN7aYKX2hvYJ 0

Sending update to 10.18.57.215#53
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:  27109
;; flags:; ZONE: 1, PREREQ: 0, UPDATE: 1, ADDITIONAL: 1
;; UPDATE SECTION:
test.example.com.	3600	IN	AAAA	1:2:3:4:5:6:7:8

;; TSIG PSEUDOSECTION:
1066446545.sig-70master.testrelm.com. 0	ANY TSIG gss-tsig. 1391196175 300 28 BAQE//////8AAAAANTJZ3xL3Qpx2V0yHFSw33w== 27109 NOERROR 0 


Reply from update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:  27109
;; flags: qr ra; ZONE: 1, PREREQ: 0, UPDATE: 0, ADDITIONAL: 1
;; ZONE SECTION:
;example.com.			IN	SOA

;; TSIG PSEUDOSECTION:
1066446545.sig-70master.testrelm.com. 0	ANY TSIG gss-tsig. 1391196175 300 28 BAQF//////8AAAAAKOkviZsp1zNkuUjzgRtK9Q== 27109 NOERROR 0 

:: [   PASS   ] :: EXECUTING: nsupdate -g /tmp/tmp.Oa4Z8qm72K/nsupdate.txt (Expected 0, got 0)
:: [ 14:22:55 ] ::  execute expect file: /tmp/kinit.26389.exp

set timeout 30
set force_conservative 0 
set send_slow {1 .001} 
spawn /usr/bin/kinit -V admin
expect Password for *
send -s -- Secret123\r
expect eof 
spawn /usr/bin/kinit -V admin
Using existing cache: persistent:0:0
Using principal: admin@TESTRELM.COM
SecrPassword for admin@TESTRELM.COM: 
Authenticated to Kerberos v5
Default principal: admin@TESTRELM.COM
:: [ 14:22:55 ] ::  Success: kinit as [admin] with password [Secret123] was successful.
:: [   PASS   ] :: Kinit as admin user (Expected 0, got 0)
  AAAA record: 1:2:3:4:5:6:7:8
:: [   PASS   ] :: Verify that AAAA record for forward zone was added (Expected 0, got 0)
  PTR record: test.example.com.
:: [   PASS   ] :: Verify that PTR record for reverse zone was add (Expected 0, got 0)
-------------------------------
Deleted host "test.example.com"
-------------------------------
:: [   PASS   ] :: Delete host test.example.com (Expected 0, got 0)
------------------------------
Deleted DNS zone "example.com"
------------------------------
:: [   PASS   ] :: Delete test zone (Expected 0, got 0)
----------------------------------------------------------------------------
Deleted DNS zone "6.0.0.0.5.0.0.0.4.0.0.0.3.0.0.0.2.0.0.0.1.0.0.0.ip6.arpa."
----------------------------------------------------------------------------
:: [   PASS   ] :: Delete test reverse zone (Expected 0, got 0)
Comment 5 Ludek Smid 2014-06-13 06:57:06 EDT
This request was resolved in Red Hat Enterprise Linux 7.0.

Contact your manager or support representative in case you have further questions about the request.

Note You need to log in before you can comment on or make changes to this bug.