[Pdns-users] Re: pdns ldapbackend - axfr bug and "patch"
Norbert Sendetzky
norbert at linuxnetworks.de
Sun Mar 2 12:11:27 UTC 2008
Hi Peter
> thanx for reply. This is "only" problem for nameservers, which handles
> domain and subdomain on one system, because of ldap tree structure
> for correct work of actual pdns-backend-ldap.
> I think too, that correct sollution is
> filter = strbind( ":target:", "(&(associatedDomain=" + qesc +
> ")(SOARecord=*))", getArg( "filter-axfr" ) );
> LdapBackend::list_simple, but how to fix that in tree mode I don't know too
> (also I'm not interested in tree mode:).
Adding the check for the presence of the SOA record is a good idea and I
already sent a patch to Bert, but it won't solve your problem. If you add a
zone "1.168.192.in-addr.arpa" below "168.192.in-addr.arpa" in your LDAP
directory as subtree, AXFR transfers of "168.192.in-addr.arpa" will still
include those records from "1.168.192.in-addr.arpa".
The only solution is to use "simple" mode and store "1.168.192.in-addr.arpa"
at the same level as "168.192.in-addr.arpa" in the LDAP tree.
Norbert
--
OpenPGP public key
http://www.linuxnetworks.de/norbert.pubkey.asc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20080302/530c1a4a/attachment-0001.sig>
More information about the Pdns-users
mailing list