Hello,
Use NOTAUTH and REFUSED response codes for dynamic updates rather
than SERVFAIL.
SERVFAIL is still sent if PTR synchronization is enabled but
impossible for some reason.
This change should make dynamic updates debugging simpler.
--
Petr^2 Spacek
From bff8bc688c61717df67de2968492f76b4be65d2a Mon Sep 17 00:00:00 2001
From: Petr Spacek <[email protected]>
Date: Thu, 4 Oct 2012 10:26:38 +0200
Subject: [PATCH] Use NOTAUTH and REFUSED response codes for dynamic updates
rather than SERVFAIL.
SERVFAIL is still sent if PTR synchronization is enabled but
impossible for some reason.
Signed-off-by: Petr Spacek <[email protected]>
---
src/ldap_helper.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/ldap_helper.c b/src/ldap_helper.c
index a7f492e1169c36a321c240fd6ff321a9ef63c2c4..24d469a562b96176ac8fffcf443b9b063096d58c 100644
--- a/src/ldap_helper.c
+++ b/src/ldap_helper.c
@@ -2525,7 +2525,7 @@ modify_ldap_common(dns_name_t *owner, ldap_instance_t *ldap_inst,
entry = HEAD(ldap_qresult->ldap_entries);
if (entry == NULL) {
log_debug(3, "Active zone %s not found", zone_dn);
- result = ISC_R_NOTFOUND;
+ result = DNS_R_NOTAUTH;
goto cleanup;
}
@@ -2537,7 +2537,7 @@ modify_ldap_common(dns_name_t *owner, ldap_instance_t *ldap_inst,
if (!zone_dyn_update) {
log_debug(3, "Dynamic Update is not allowed in zone %s", zone_dn);
- result = ISC_R_NOPERM;
+ result = DNS_R_REFUSED;
goto cleanup;
}
--
1.7.11.4
_______________________________________________
Freeipa-devel mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/freeipa-devel
