From 637813b1ce506d4396832032f0cce6800ab5753d Mon Sep 17 00:00:00 2001
From: Jakub Hrozek
Date: Fri, 12 Dec 2014 17:10:40 +0100
Subject: FO: Use SRV TTL in fail over code
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Resolves: https://fedorahosted.org/sssd/ticket/1884
Removes the hardcoded SRV TTL timeout and uses TTL from the DNS instead.
Reviewed-by: Pavel Březina
(cherry picked from commit 8df69bbc58c2f4d3f0b34be9756d9ddf24b1db6d)
---
 src/providers/data_provider_fo.c | 2 +-
 src/providers/fail_over.c | 15 ++++++++++++---
 src/providers/fail_over.h | 2 +-
 src/providers/ipa/ipa_common.c | 7 +++++++
 4 files changed, 21 insertions(+), 5 deletions(-)
diff --git a/src/providers/data_provider_fo.c b/src/providers/data_provider_fo.c
index d5cb0a476..eaee9ef17 100644
--- a/src/providers/data_provider_fo.c
+++ b/src/providers/data_provider_fo.c
@@ -71,7 +71,7 @@ static int be_fo_get_options(TALLOC_CTX *mem_ctx, struct be_ctx *ctx,
 /* todo get timeout from configuration */
 opts->retry_timeout = 30;
- opts->srv_retry_timeout = 14400;
+ opts->srv_retry_neg_timeout = 15;
 ret = confdb_get_string(ctx->cdb, mem_ctx, ctx->conf_path,
 CONFDB_DOMAIN_FAMILY_ORDER,
diff --git a/src/providers/fail_over.c b/src/providers/fail_over.c
index aa46368b7..2f082b996 100644
--- a/src/providers/fail_over.c
+++ b/src/providers/fail_over.c
@@ -106,6 +106,7 @@ struct srv_data {
 struct fo_server *meta;
 int srv_lookup_status;
+ int ttl;
 struct timeval last_status_change;
 };
@@ -138,7 +139,7 @@ fo_context_init(TALLOC_CTX *mem_ctx, struct fo_options *opts)
 return NULL;
 }
- ctx->opts->srv_retry_timeout = opts->srv_retry_timeout;
+ ctx->opts->srv_retry_neg_timeout = opts->srv_retry_neg_timeout;
 ctx->opts->retry_timeout = opts->retry_timeout;
 ctx->opts->family_order = opts->family_order;
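Review bot: The new field `int ttl;` in struct srv_data is signed, while the value stored into it is the `uint32_t ttl` that resolve_srv_done receives from resolv_getsrv_recv (hunks @@ -1080 and @@ -1137). A TTL above INT_MAX in a DNS answer would turn negative on that assignment, and get_srv_data_status then copies it into `time_t timeout`, so the comparison against STATUS_DIFF would presumably treat the record as expired on every call. Declaring the field as `uint32_t ttl;` keeps the stored value identical to what the resolver returned. The struct definition starts above the hunk.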
@@ -263,9 +264,15 @@ get_srv_data_status(struct srv_data *data)
 struct timeval tv;
 time_t timeout;
- timeout = data->meta->service->ctx->opts->srv_retry_timeout;
 gettimeofday(&tv, NULL);
+ /* Determine timeout value based on state of previous lookup. */
+ if (data->srv_lookup_status == SRV_RESOLVE_ERROR) {
+ timeout = data->meta->service->ctx->opts->srv_retry_neg_timeout;
+ } else {
+ timeout = data->ttl;
+ }
+
 if (STATUS_DIFF(data, tv) > timeout) {
 switch(data->srv_lookup_status) {
 case SRV_EXPIRED:
@@ -1080,9 +1087,10 @@ resolve_srv_done(struct tevent_req *subreq)
 struct fo_server *srv_list = NULL;
 int ret;
 int resolv_status;
+ uint32_t ttl;
 ret = resolv_getsrv_recv(state, subreq,
- &resolv_status, NULL, &reply_list, NULL);
+ &resolv_status, NULL, &reply_list, &ttl);
 talloc_free(subreq);
 if (ret != EOK) {
 DEBUG(1, ("SRV query failed: [%s]\n",
@@ -1137,6 +1145,7 @@ resolve_srv_done(struct tevent_req *subreq)
 goto fail;
 }
 server->srv_data = state->meta->srv_data;
+ server->srv_data->ttl = ttl;
 DLIST_ADD_END(srv_list, server, struct fo_server *);
 DEBUG(6, ("Inserted server '%s:%d' for service %s\n",
diff --git a/src/providers/fail_over.h b/src/providers/fail_over.h
index 50c0dcf8d..9bfb156da 100644
--- a/src/providers/fail_over.h
+++ b/src/providers/fail_over.h
@@ -70,7 +70,7 @@ struct fo_server;
 * try when looking up the service.
 */
 struct fo_options {
- time_t srv_retry_timeout;
+ time_t srv_retry_neg_timeout;
 time_t retry_timeout;
 enum restrict_family family_order;
 };
diff --git a/src/providers/ipa/ipa_common.c b/src/providers/ipa/ipa_common.c
index 3176e5465..79bfd1f8b 100644
--- a/src/providers/ipa/ipa_common.c
+++ b/src/providers/ipa/ipa_common.c
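Review bot: `timeout = data->ttl;` in get_srv_data_status uses the TTL from the DNS answer with no lower or upper bound. That value is chosen by whoever answers the SRV query, so a TTL of 0 would presumably make the entry expire on each check and cause repeated SRV lookups, while a very large TTL keeps a stale server list much longer than the 14400 seconds this commit removes. Clamping before the comparison bounds both cases, for example `if (timeout < SRV_TTL_MIN) timeout = SRV_TTL_MIN;` and `if (timeout > SRV_TTL_MAX) timeout = SRV_TTL_MAX;`, where both constants are new names that would have to be defined. The function body starts and ends outside the hunk.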
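Review bot: `uint32_t ttl;` in resolve_srv_done is declared without an initializer, so the later store `server->srv_data->ttl = ttl;` (hunk @@ -1137) is only well defined if resolv_getsrv_recv writes the out-parameter on every path that returns EOK, which cannot be confirmed from this diff. `uint32_t ttl = 0;` would make the fallback deterministic. The store also appears to sit in the per-server block although every server shares `state->meta->srv_data`, so it could be done once after the call succeeds; as written, a reply that adds no server leaves the previous TTL in place. resolve_srv_done begins and ends outside both hunks.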
@@ -558,6 +558,13 @@ done:
 return ret;
 }
+static const char *
+sss_ldap_escape_ip_address(TALLOC_CTX *mem_ctx, int family, const char *addr)
+{
+ return family == AF_INET6 ? talloc_asprintf(mem_ctx, "[%s]", addr) :
+ talloc_strdup(mem_ctx, addr);
+}
+
 static void ipa_resolve_callback(void *private_data, struct fo_server *server)
 {
 TALLOC_CTX *tmp_ctx = NULL;
-- cgit
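Review bot: sss_ldap_escape_ip_address has no caller in this hunk and is unrelated to the SRV TTL change the commit message describes, so as a `static` function it will produce an unused-function warning unless a caller exists elsewhere in ipa_common.c. Both talloc_asprintf and talloc_strdup return NULL on allocation failure, and `addr` is passed to `%s` without a NULL check, so the contract needs stating. A header comment such as `/* Returns addr, wrapped in [] when family is AF_INET6, allocated on mem_ctx; NULL on allocation failure. addr must not be NULL. */` would cover it. If the helper belongs to a different change, it would be cleaner to drop it from this cherry-pick.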