Re: [Freeipa-devel] [PATCH 0186-0191] Replace LDAP cache with RBTDB
On 13.12.2013 16:02, Petr Spacek wrote:
On 23.10.2013 16:54, Tomas Hozza wrote:
On 10/10/2013 06:58 PM, Petr Spacek wrote:
On 8.10.2013 12:00, Tomas Hozza wrote:
On 10/02/2013 12:57 PM, Petr Spacek wrote:
On 13.9.2013 15:31, Petr Spacek wrote:
On 14.8.2013 16:42, Petr Spacek wrote:
On 14.8.2013 16:25, Petr Spacek wrote:
On 1.8.2013 15:57, Petr Spacek wrote:

Hello,

attached monster patches replace our internal cache/database with RBTDB implementation. See commit messages and comments inside.

This patch set provides very basic functionality (including DNS support for updates). Error handling definitely needs more love, but it should be enough for rapid DNSSEC prototyping.

Patch 186 v2: The code now applies incremental changes in LDAP to the in-memory database. Commit message was modified to mention that wildcards are now supported.
Patch 187 v2: The code was re-worked and now it respects serial_autoincrement option.
Patch 188 v2: Minor comment clean-up and rebase on top of patch 187 v2.
Patch 189 v2: Call to deleterdataset() nested in substractrdataset() was deleted. This code was meant only for testing purposes.

This patch set is now ready for review. Please see commit messages! Some functionality is missing intentionally, but it will be fixed by separate patches. It would be too easy!

Patch 186 v3: Commit message was extended with information that LDAP MODRDN operation is not supported at the moment.
Patch 187 v3: Missing file ldap_driver.h was added.

This extended patch set handles correctly object deletion from LDAP. Patches 186-189 contain very minor changes, only moving code from one place to the other. See commit messages for patches 190 and 191.

This should be testable. I would recommend to test the whole patch set at once, most probably it doesn't make much sense to test patches separately.

bind-dyndb-ldap-pspacek-0186-5-Use-RBTDB-instead-of-internal-LDAP-cache.patch adds missing include (db.h) to zone_register.c.

ACK. Patches 186-191 tested. Adding/removing/modifying records works fine. Also PTR synchronization works. Zone transfer to slave and NOTIFY tested when changes occurred on master.

Patch 191-2 fixed problem with zone removal and race condition during zone load. I would recommend you to test it with other patch I plan to send today :-)

ACK. Patch looks good.

Changes in patch 186 v6:
- README was updated
- update_record() events is terminated sooner in case of BIND shutdown -- This prevents some nasty surprises during shutdown.
- Crash in update_record() was fixed: E.g. imagine a zone in LDAP without A record for name in NS record. update_record() is restarted after any modification to invalid zone. This allows us to reload previously invalid zone if e.g. the missing A record was added. Version 5 of the patch crashed in this situation.

This patch should go to master branch only.

Pushed to master branch:
a78db0312873babbccd4a94dec90b46b02c694ad
4a6b8caa6bff4f9c33411c5d72aafb04ceb5396c
f6e74da2e27803d9b8a8e3fd399aa26b901ab932
827c8d676e3a871010e63eda82997a2f729a347c

--
Petr^2 Spacek
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH 0186-0191] Replace LDAP cache with RBTDB
On 10/10/2013 06:58 PM, Petr Spacek wrote:
On 8.10.2013 12:00, Tomas Hozza wrote:
On 10/02/2013 12:57 PM, Petr Spacek wrote:
On 13.9.2013 15:31, Petr Spacek wrote:
On 14.8.2013 16:42, Petr Spacek wrote:
On 14.8.2013 16:25, Petr Spacek wrote:
On 1.8.2013 15:57, Petr Spacek wrote:

Hello,

attached monster patches replace our internal cache/database with RBTDB implementation. See commit messages and comments inside.

This patch set provides very basic functionality (including DNS support for updates). Error handling definitely needs more love, but it should be enough for rapid DNSSEC prototyping.

Patch 186 v2: The code now applies incremental changes in LDAP to the in-memory database. Commit message was modified to mention that wildcards are now supported.
Patch 187 v2: The code was re-worked and now it respects serial_autoincrement option.
Patch 188 v2: Minor comment clean-up and rebase on top of patch 187 v2.
Patch 189 v2: Call to deleterdataset() nested in substractrdataset() was deleted. This code was meant only for testing purposes.

This patch set is now ready for review. Please see commit messages! Some functionality is missing intentionally, but it will be fixed by separate patches. It would be too easy!

Patch 186 v3: Commit message was extended with information that LDAP MODRDN operation is not supported at the moment.
Patch 187 v3: Missing file ldap_driver.h was added.

This extended patch set handles correctly object deletion from LDAP. Patches 186-189 contain very minor changes, only moving code from one place to the other. See commit messages for patches 190 and 191.

This should be testable. I would recommend to test the whole patch set at once, most probably it doesn't make much sense to test patches separately.

bind-dyndb-ldap-pspacek-0186-5-Use-RBTDB-instead-of-internal-LDAP-cache.patch adds missing include (db.h) to zone_register.c.

ACK. Patches 186-191 tested. Adding/removing/modifying records works fine. Also PTR synchronization works. Zone transfer to slave and NOTIFY tested when changes occurred on master.

Patch 191-2 fixed problem with zone removal and race condition during zone load. I would recommend you to test it with other patch I plan to send today :-)

ACK. Patch looks good.

Regards,
Tomas
Re: [Freeipa-devel] [PATCH 0186-0191] Replace LDAP cache with RBTDB
On 8.10.2013 12:00, Tomas Hozza wrote:
On 10/02/2013 12:57 PM, Petr Spacek wrote:
On 13.9.2013 15:31, Petr Spacek wrote:
On 14.8.2013 16:42, Petr Spacek wrote:
On 14.8.2013 16:25, Petr Spacek wrote:
On 1.8.2013 15:57, Petr Spacek wrote:

Hello,

attached monster patches replace our internal cache/database with RBTDB implementation. See commit messages and comments inside.

This patch set provides very basic functionality (including DNS support for updates). Error handling definitely needs more love, but it should be enough for rapid DNSSEC prototyping.

Patch 186 v2: The code now applies incremental changes in LDAP to the in-memory database. Commit message was modified to mention that wildcards are now supported.
Patch 187 v2: The code was re-worked and now it respects serial_autoincrement option.
Patch 188 v2: Minor comment clean-up and rebase on top of patch 187 v2.
Patch 189 v2: Call to deleterdataset() nested in substractrdataset() was deleted. This code was meant only for testing purposes.

This patch set is now ready for review. Please see commit messages! Some functionality is missing intentionally, but it will be fixed by separate patches. It would be too easy!

Patch 186 v3: Commit message was extended with information that LDAP MODRDN operation is not supported at the moment.
Patch 187 v3: Missing file ldap_driver.h was added.

This extended patch set handles correctly object deletion from LDAP. Patches 186-189 contain very minor changes, only moving code from one place to the other. See commit messages for patches 190 and 191.

This should be testable. I would recommend to test the whole patch set at once, most probably it doesn't make much sense to test patches separately.

bind-dyndb-ldap-pspacek-0186-5-Use-RBTDB-instead-of-internal-LDAP-cache.patch adds missing include (db.h) to zone_register.c.

ACK. Patches 186-191 tested. Adding/removing/modifying records works fine. Also PTR synchronization works.
Zone transfer to slave and NOTIFY tested when changes occurred on master. Patch 191-2 fixed problem with zone removal and race condition during zone load. I would recommend you to test it with other patch I plan to send today :-) -- Petr^2 Spacek From b49ec1165419b29a1c14a6f5aacba0a7b28123b2 Mon Sep 17 00:00:00 2001 From: Petr Spacek pspa...@redhat.com Date: Fri, 6 Sep 2013 14:55:52 +0200 Subject: [PATCH] Handle object deletion. This is a bit tricky, because we receive only the DN of the deleted object. ObjectClass is inferred from zone and forward registers. Signed-off-by: Petr Spacek pspa...@redhat.com --- src/ldap_helper.c | 188 +- 1 file changed, 144 insertions(+), 44 deletions(-) diff --git a/src/ldap_helper.c b/src/ldap_helper.c index e54bfefb67342ff642979541b40941f602efecc7..0e287a1b942e0c47ffdb16a7d37cfd5f307a2248 100644 --- a/src/ldap_helper.c +++ b/src/ldap_helper.c @@ -1389,6 +1389,8 @@ diff_ldap_rbtdb(isc_mem_t *mctx, dns_name_t *name, ldapdb_rdatalist_t *ldap_rdat if (result != ISC_R_SUCCESS result != ISC_R_NOMORE) goto cleanup; } + if (result == ISC_R_NOMORE) + result = ISC_R_SUCCESS; cleanup: return result; @@ -3403,8 +3405,6 @@ update_zone(isc_task_t *task, isc_event_t *event) ldap_valuelist_t values; isc_boolean_t zone_active = ISC_FALSE; - UNUSED(task); - mctx = pevent-mctx; dns_name_init(currname, NULL); dns_name_init(prevname, NULL); @@ -3473,6 +3473,7 @@ cleanup: ldap_entry_destroy(mctx, entry); isc_mem_detach(mctx); isc_event_free(event); + isc_task_detach(task); } static void @@ -3484,8 +3485,6 @@ update_config(isc_task_t *task, isc_event_t *event) ldap_entry_t *entry = pevent-entry; isc_mem_t *mctx; - UNUSED(task); - mctx = pevent-mctx; CHECK(manager_get_ldap_instance(pevent-dbname, inst)); @@ -3502,6 +3501,7 @@ cleanup: isc_mem_free(mctx, pevent-dn); isc_mem_detach(mctx); isc_event_free(event); + isc_task_detach(task); } /** 
@@ -3528,8 +3528,8 @@ update_record(isc_task_t *task, isc_event_t *event) ldap_entry_t *entry = pevent-entry; const char *fake_mname = NULL; - dns_db_t *rbtdb; - dns_db_t *ldapdb; + dns_db_t *rbtdb = NULL; + dns_db_t *ldapdb = NULL; dns_diff_t diff; dns_diff_t soa_diff; dns_dbversion_t *version = NULL; /* version is shared between rbtdb and ldapdb */ @@ -3540,7 +3540,6 @@ update_record(isc_task_t *task, isc_event_t *event) dns_diff_init(mctx, diff); dns_diff_init(mctx, soa_diff); - UNUSED(task); #ifdef RBTDB_DEBUG static unsigned int count = 0; #endif @@ -3573,12 +3572,21 @@ update_restart: rbtdb = NULL; ldapdb = NULL; CHECK(zr_get_zone_dbs(inst-zone_register, name, ldapdb, rbtdb)); + CHECK(dns_db_newversion(rbtdb, version)); + + CHECK(dns_db_findnode(rbtdb, name, ISC_TRUE, node)); + result = dns_db_allrdatasets(rbtdb, node, version, 0, rbt_rds_iterator); + if (result != ISC_R_SUCCESS result != ISC_R_NOTFOUND) + goto cleanup; + /* This code is disabled because we
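Review bot: In diff_ldap_rbtdb(), the new mapping of ISC_R_NOMORE to ISC_R_SUCCESS just before the cleanup label has no comment saying that ISC_R_NOMORE is the expected end-of-iteration result here. The check above it already lets ISC_R_NOMORE fall through instead of jumping to cleanup, so a one-line comment would make clear that only the end-of-data result is normalized and that every other error still reaches the caller unchanged.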
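Review bot: The isc_task_detach(task) calls added to the cleanup paths of update_zone() and update_config() drop a task reference, but the matching attach is not visible in these hunks. Please confirm that every code path posting these events takes that reference first, and state the ownership rule in the function comments; a detach without a paired attach would release the task while it is still in use.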
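Review bot: In update_record(), dns_db_newversion(), dns_db_findnode() and dns_db_allrdatasets() are now called right after the update_restart label, where only rbtdb and ldapdb are reset to NULL. If control can come back to update_restart after these calls, version, node and rbt_rds_iterator have to be closed or detached and reset first, otherwise the second pass starts with stale handles. The same applies to the references returned by zr_get_zone_dbs(), which the restart path overwrites with NULL.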
Re: [Freeipa-devel] [PATCH 0186-0191] Replace LDAP cache with RBTDB
On 10/02/2013 12:57 PM, Petr Spacek wrote:
On 13.9.2013 15:31, Petr Spacek wrote:
On 14.8.2013 16:42, Petr Spacek wrote:
On 14.8.2013 16:25, Petr Spacek wrote:
On 1.8.2013 15:57, Petr Spacek wrote:

Hello,

attached monster patches replace our internal cache/database with RBTDB implementation. See commit messages and comments inside.

This patch set provides very basic functionality (including DNS support for updates). Error handling definitely needs more love, but it should be enough for rapid DNSSEC prototyping.

Patch 186 v2: The code now applies incremental changes in LDAP to the in-memory database. Commit message was modified to mention that wildcards are now supported.
Patch 187 v2: The code was re-worked and now it respects serial_autoincrement option.
Patch 188 v2: Minor comment clean-up and rebase on top of patch 187 v2.
Patch 189 v2: Call to deleterdataset() nested in substractrdataset() was deleted. This code was meant only for testing purposes.

This patch set is now ready for review. Please see commit messages! Some functionality is missing intentionally, but it will be fixed by separate patches. It would be too easy!

Patch 186 v3: Commit message was extended with information that LDAP MODRDN operation is not supported at the moment.
Patch 187 v3: Missing file ldap_driver.h was added.

This extended patch set handles correctly object deletion from LDAP. Patches 186-189 contain very minor changes, only moving code from one place to the other. See commit messages for patches 190 and 191.

This should be testable. I would recommend to test the whole patch set at once, most probably it doesn't make much sense to test patches separately.

bind-dyndb-ldap-pspacek-0186-5-Use-RBTDB-instead-of-internal-LDAP-cache.patch adds missing include (db.h) to zone_register.c.

ACK. Patches 186-191 tested. Adding/removing/modifying records works fine. Also PTR synchronization works. Zone transfer to slave and NOTIFY tested when changes occurred on master.

Regards,
Tomas