[Pdns-users] PDNS LDAP backend uses incorrect search filter for root

Jan-Piet Mens jpm at retail-sc.com
Thu Jun 1 11:56:06 UTC 2006


On Thu Jun 01 2006 at 13:47:37 CEST, Jan-Piet Mens wrote:

> When I do a `dig @localhost . ns' searching for a root name server
> (although I haven't got an appropriate entry in LDAP), I get
...
> with filter="(?=undefined)".

Here are the verbose logs:

|Remote 127.0.0.1 wants a type NS (2) about ''
|UeberBackend received question for ANY of
|Query: '|ANY'
|[LdapBackend] Search = basedn: ou=dns2,ou=dns,o=isp, filter: (associatedDomain=), qtype: ANY
|Ueber get() was called for a ANY record
|[LdapBackend] LDAP servers = localhost
|UeberBackend reached end of backends
|UeberBackend received question for ANY of
|Query: '|ANY'
|[LdapBackend] Search = basedn: ou=dns2,ou=dns,o=isp, filter: (associatedDomain=), qtype: ANY
|Ueber get() was called for a ANY record
|UeberBackend reached end of backends
|Nothing found so far for '', do we even have authority over this domain?
|Query: '|SOA'
|[LdapBackend] Search = basedn: ou=dns2,ou=dns,o=isp, filter: (&(associatedDomain=)(SOARecord=*)), qtype: SOA
|Not authoritative for '', sending servfail to 127.0.0.1 (recursion was desired)
|Sending a packet to 127.0.0.1 (17 octets)
|[LdapBackend] Ldap connection succeeded

Based on pdns-2.9.21-svn.20060412.686 I think the problem is an empty
query in ldapbackend.cc. With this tiny patch applied it works, but
I'm not sure if that is all that is needed (I'm a .c and not a .CC guy)


*** ldapbackend.cc.orig 2006-04-12 17:46:34.000000000 +0200
--- ldapbackend.cc      2006-05-31 18:00:07.000000000 +0200
***************
*** 196,201 ****
--- 196,203 ----


        qesc = toLower( m_pldap->escape( qname ) );
+       if (qesc.length() == 0)
+               qesc = ".";
        filter = "(associatedDomain=" + qesc + ")";

        if( qtype.getCode() != QType::ANY )

Am I on the right track?

Regards,
	-JP




More information about the Pdns-users mailing list