From 4fb12db7504920d12ea7db71f312334c877bff7c Mon Sep 17 00:00:00 2001
From: James Hogarth
Date: Tue, 14 Aug 2012 10:54:34 +0100
Subject: Make TTL configurable for dynamic dns updates
---
 src/config/SSSDConfig/__init__.py.in | 1 +
 src/config/etc/sssd.api.d/sssd-ipa.conf | 1 +
 src/man/sssd-ipa.5.xml | 14 ++++++++++++++
 src/providers/ipa/ipa_common.h | 1 +
 src/providers/ipa/ipa_dyndns.c | 14 ++++++++++++--
 src/providers/ipa/ipa_opts.h | 1 +
 6 files changed, 30 insertions(+), 2 deletions(-)
diff --git a/src/config/SSSDConfig/__init__.py.in b/src/config/SSSDConfig/__init__.py.in
index 3c6d84c5d..9bd699539 100644
--- a/src/config/SSSDConfig/__init__.py.in
+++ b/src/config/SSSDConfig/__init__.py.in
@@ -131,6 +131,7 @@ option_strings = {
 'ipa_backup_server' : _('Address of backup IPA server'),
 'ipa_hostname' : _('IPA client hostname'),
 'ipa_dyndns_update' : _("Whether to automatically update the client's DNS entry in FreeIPA"),
+ 'ipa_dyndns_ttl' : _("The TTL to apply to the client's DNS entry after updating it"),
 'ipa_dyndns_iface' : _("The interface whose IP should be used for dynamic DNS updates"),
 'ipa_hbac_search_base' : _("Search base for HBAC related objects"),
 'ipa_hbac_refresh' : _("The amount of time between lookups of the HBAC rules against the IPA server"),
diff --git a/src/config/etc/sssd.api.d/sssd-ipa.conf b/src/config/etc/sssd.api.d/sssd-ipa.conf
index efc1e8b3d..561845902 100644
--- a/src/config/etc/sssd.api.d/sssd-ipa.conf
+++ b/src/config/etc/sssd.api.d/sssd-ipa.conf
@@ -4,6 +4,7 @@ ipa_server = str, None, false
 ipa_backup_server = str, None, false
 ipa_hostname = str, None, false
 ipa_dyndns_update = bool, None, false
+ipa_dyndns_ttl = int, None, false
 ipa_dyndns_iface = str, None, false
 ipa_hbac_search_base = str, None, false
 ipa_host_search_base = str, None, false
diff --git a/src/man/sssd-ipa.5.xml b/src/man/sssd-ipa.5.xml
index 4c4aaba4e..db6aecf86 100644
--- a/src/man/sssd-ipa.5.xml
+++ b/src/man/sssd-ipa.5.xml
@@ -125,6 +125,20 @@ + + ipa_dyndns_ttl (integer) + + + The TTL to apply to the client DNS record when updating it. + If ipa_dyndns_update is false this has no effect. This will + override the TTL serverside if set by an administrator. + + + Default: 1200 (seconds) + + + + ipa_dyndns_iface (string) diff --git a/src/providers/ipa/ipa_common.h b/src/providers/ipa/ipa_common.h index 01e140325..f077776bd 100644 --- a/src/providers/ipa/ipa_common.h +++ b/src/providers/ipa/ipa_common.h @@ -38,6 +38,7 @@ enum ipa_basic_opt { IPA_BACKUP_SERVER, IPA_HOSTNAME, IPA_DYNDNS_UPDATE, + IPA_DYNDNS_TTL, IPA_DYNDNS_IFACE, IPA_HBAC_SEARCH_BASE, IPA_HOST_SEARCH_BASE, diff --git a/src/providers/ipa/ipa_dyndns.c b/src/providers/ipa/ipa_dyndns.c index 66515e840..3f430a337 100644 --- a/src/providers/ipa/ipa_dyndns.c +++ b/src/providers/ipa/ipa_dyndns.c @@ -857,7 +857,7 @@ static int create_nsupdate_message(struct ipa_nsupdate_ctx *ctx, uint8_t remove_af, bool use_server_with_nsupdate) { - int ret, i; + int ret, i, ttl; char *servername = NULL; char *realm; char *realm_directive; @@ -935,6 +935,15 @@ static int create_nsupdate_message(struct ipa_nsupdate_ctx *ctx, goto done; } + /* Get the TTL details for the record(s) */ + + ttl = dp_opt_get_int(ctx->dyndns_ctx->ipa_ctx->basic, + IPA_DYNDNS_TTL); + /* Should not happen but just in case set the default */ + if (!ttl) { + ttl = 1200; + } + /* Remove existing entries as needed */ if (remove_af & IPA_DYNDNS_REMOVE_A) { ctx->update_msg = talloc_asprintf_append(ctx->update_msg, @@ -986,8 +995,9 @@ static int create_nsupdate_message(struct ipa_nsupdate_ctx *ctx, /* Format the record update */ ctx->update_msg = talloc_asprintf_append( ctx->update_msg, - "update add %s. 86400 in %s %s\n", + "update add %s. %d in %s %s\n", ctx->dyndns_ctx->hostname, + ttl, new_record->addr->ss_family == AF_INET ? "A" : "AAAA", ip_addr); if (ctx->update_msg == NULL) { 
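Review bot: The `if (!ttl)` guard in the @@ -935 hunk of create_nsupdate_message only catches zero, so a negative `ipa_dyndns_ttl` from sssd.conf goes straight into the `%d` of the `update add` line built in the @@ -986 hunk. A DNS TTL is a non-negative 31-bit value, so a negative number yields an update message that nsupdate will presumably reject, and nothing visible here logs why. I would range-check it with `if (ttl <= 0) { ttl = 1200; }`, log the rejected value at that point, and take the fallback from one named constant shared with the `{ .number = 1200}` entry in ipa_opts.h instead of repeating the literal. The function starts and ends outside this hunk.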
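Review bot: The effective TTL on the `update add %s. %d in %s %s\n` line in the @@ -986 hunk drops from the previously hard-coded 86400 to 1200 for every client that never sets `ipa_dyndns_ttl`, and neither the commit subject nor the new man page entry says so. If the shorter default is intended, it should be recorded where the value is used, for example with `/* TTL from ipa_dyndns_ttl; default 1200s, was fixed at 86400s */` above the format call, and mentioned in the commit message. The man page sentence about overriding the server-side TTL could also state that this applies on every update. The enclosing loop and function continue outside this hunk.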
diff --git a/src/providers/ipa/ipa_opts.h b/src/providers/ipa/ipa_opts.h
index ae75413ac..01c32f462 100644
--- a/src/providers/ipa/ipa_opts.h
+++ b/src/providers/ipa/ipa_opts.h
@@ -35,6 +35,7 @@ struct dp_option ipa_basic_opts[] = {
 { "ipa_backup_server", DP_OPT_STRING, NULL_STRING, NULL_STRING },
 { "ipa_hostname", DP_OPT_STRING, NULL_STRING, NULL_STRING },
 { "ipa_dyndns_update", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
+ { "ipa_dyndns_ttl", DP_OPT_NUMBER, { .number = 1200}, NULL_NUMBER},
 { "ipa_dyndns_iface", DP_OPT_STRING, NULL_STRING, NULL_STRING},
 { "ipa_hbac_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING},
 { "ipa_host_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING },
-- cgit