[Freeipa-devel] [PATCH] 057 Validate MX records

Jakub Hrozek Tue, 15 Feb 2011 03:09:37 -0800

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

https://fedorahosted.org/freeipa/ticket/967


I'm wondering whether to extend the patch - if the mail server name does
not end with a dot, BIND treats it as relative to the zone.

So if you do:
ipa dnsrecord-add example.com @ --mx-rec="10 mail.example.com"

dig would then return mail.example.com.example.com

The correct way of adding it is (note the trailing dot):
ipa dnsrecord-add example.com @ --mx-rec="10 mail.example.com."

This is in line with how nsupdate works, so should we just document it?
A smarter way might be to check if the hostname ends with the zone name
and append a dot, but I'm not sure if that perhaps /too/ smart..
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iEYEARECAAYFAk1aXtcACgkQHsardTLnvCXY0wCgtkc0kBdPorCgd9oyh4AazDy0
8hoAn0vgX5xQYJv2D9gjjTgnu0mgUMbp
=nzLT
-----END PGP SIGNATURE-----

From 9b76991ba0dae19c84a2cad2b60775f8ffa3cc9a Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jhro...@redhat.com>
Date: Tue, 15 Feb 2011 10:40:27 +0100
Subject: [PATCH] Validate MX records

https://fedorahosted.org/freeipa/ticket/967
---
 API.txt               |    8 ++++----
 ipalib/plugins/dns.py |   17 +++++++++++++++++
 2 files changed, 21 insertions(+), 4 deletions(-)

diff --git a/API.txt b/API.txt
index fab2241..2ee7fa1 100644
--- a/API.txt
+++ b/API.txt
@@ -514,7 +514,7 @@ option: List('ipseckeyrecord?', attribute=True, cli_name='ipseckey_rec',ist('ips
 option: List('keyrecord?', attribute=True, cli_name='key_rec',ist('keyrecord?', attribute=True, cli_name='key_rec', doc='comma-separated list of KEY records', label='KEY record', multivalue=True)
 option: List('kxrecord?', attribute=True, cli_name='kx_rec',ist('kxrecord?', attribute=True, cli_name='kx_rec', doc='comma-separated list of KX records', label='KX record', multivalue=True)
 option: List('locrecord?', attribute=True, cli_name='loc_rec',ist('locrecord?', attribute=True, cli_name='loc_rec', doc='comma-separated list of LOC records', label='LOC record', multivalue=True)
-option: List('mxrecord?', attribute=True, cli_name='mx_rec',ist('mxrecord?', attribute=True, cli_name='mx_rec', doc='comma-separated list of MX records', label='MX record', multivalue=True)
+option: List('mxrecord?', _validate_mx, attribute=True, cli_name='mx_rec',ist('mxrecord?', _validate_mx, attribute=True, cli_name='mx_rec', doc='comma-separated list of MX records', label='MX record', multivalue=True)
 option: List('naptrrecord?', attribute=True, cli_name='naptr_rec',ist('naptrrecord?', attribute=True, cli_name='naptr_rec', doc='comma-separated list of NAPTR records', label='NAPTR record', multivalue=True)
 option: List('nsrecord?', attribute=True, cli_name='ns_rec',ist('nsrecord?', attribute=True, cli_name='ns_rec', doc='comma-separated list of NS records', label='NS record', multivalue=True)
 option: List('nsecrecord?', attribute=True, cli_name='nsec_rec',ist('nsecrecord?', attribute=True, cli_name='nsec_rec', doc='comma-separated list of NSEC records', label='NSEC record', multivalue=True)
@@ -558,7 +558,7 @@ option: List('ipseckeyrecord?', attribute=True, cli_name='ipseckey_rec',ist('ips
 option: List('keyrecord?', attribute=True, cli_name='key_rec',ist('keyrecord?', attribute=True, cli_name='key_rec', doc='comma-separated list of KEY records', label='KEY record', multivalue=True)
 option: List('kxrecord?', attribute=True, cli_name='kx_rec',ist('kxrecord?', attribute=True, cli_name='kx_rec', doc='comma-separated list of KX records', label='KX record', multivalue=True)
 option: List('locrecord?', attribute=True, cli_name='loc_rec',ist('locrecord?', attribute=True, cli_name='loc_rec', doc='comma-separated list of LOC records', label='LOC record', multivalue=True)
-option: List('mxrecord?', attribute=True, cli_name='mx_rec',ist('mxrecord?', attribute=True, cli_name='mx_rec', doc='comma-separated list of MX records', label='MX record', multivalue=True)
+option: List('mxrecord?', _validate_mx, attribute=True, cli_name='mx_rec',ist('mxrecord?', _validate_mx, attribute=True, cli_name='mx_rec', doc='comma-separated list of MX records', label='MX record', multivalue=True)
 option: List('naptrrecord?', attribute=True, cli_name='naptr_rec',ist('naptrrecord?', attribute=True, cli_name='naptr_rec', doc='comma-separated list of NAPTR records', label='NAPTR record', multivalue=True)
 option: List('nsrecord?', attribute=True, cli_name='ns_rec',ist('nsrecord?', attribute=True, cli_name='ns_rec', doc='comma-separated list of NS records', label='NS record', multivalue=True)
 option: List('nsecrecord?', attribute=True, cli_name='nsec_rec',ist('nsecrecord?', attribute=True, cli_name='nsec_rec', doc='comma-separated list of NSEC records', label='NSEC record', multivalue=True)
@@ -603,7 +603,7 @@ option: List('ipseckeyrecord?', attribute=True, cli_name='ipseckey_rec',ist('ips
 option: List('keyrecord?', attribute=True, cli_name='key_rec',ist('keyrecord?', attribute=True, cli_name='key_rec', doc='comma-separated list of KEY records', label='KEY record', multivalue=True)
 option: List('kxrecord?', attribute=True, cli_name='kx_rec',ist('kxrecord?', attribute=True, cli_name='kx_rec', doc='comma-separated list of KX records', label='KX record', multivalue=True)
 option: List('locrecord?', attribute=True, cli_name='loc_rec',ist('locrecord?', attribute=True, cli_name='loc_rec', doc='comma-separated list of LOC records', label='LOC record', multivalue=True)
-option: List('mxrecord?', attribute=True, cli_name='mx_rec',ist('mxrecord?', attribute=True, cli_name='mx_rec', doc='comma-separated list of MX records', label='MX record', multivalue=True)
+option: List('mxrecord?', _validate_mx, attribute=True, cli_name='mx_rec',ist('mxrecord?', _validate_mx, attribute=True, cli_name='mx_rec', doc='comma-separated list of MX records', label='MX record', multivalue=True)
 option: List('naptrrecord?', attribute=True, cli_name='naptr_rec',ist('naptrrecord?', attribute=True, cli_name='naptr_rec', doc='comma-separated list of NAPTR records', label='NAPTR record', multivalue=True)
 option: List('nsrecord?', attribute=True, cli_name='ns_rec',ist('nsrecord?', attribute=True, cli_name='ns_rec', doc='comma-separated list of NS records', label='NS record', multivalue=True)
 option: List('nsecrecord?', attribute=True, cli_name='nsec_rec',ist('nsecrecord?', attribute=True, cli_name='nsec_rec', doc='comma-separated list of NSEC records', label='NSEC record', multivalue=True)
@@ -660,7 +660,7 @@ option: List('ipseckeyrecord', attribute=True, cli_name='ipseckey_rec',ist('ipse
 option: List('keyrecord', attribute=True, cli_name='key_rec',ist('keyrecord', attribute=True, cli_name='key_rec', doc='comma-separated list of KEY records', label='KEY record', multivalue=True, query=True, required=False)
 option: List('kxrecord', attribute=True, cli_name='kx_rec',ist('kxrecord', attribute=True, cli_name='kx_rec', doc='comma-separated list of KX records', label='KX record', multivalue=True, query=True, required=False)
 option: List('locrecord', attribute=True, cli_name='loc_rec',ist('locrecord', attribute=True, cli_name='loc_rec', doc='comma-separated list of LOC records', label='LOC record', multivalue=True, query=True, required=False)
-option: List('mxrecord', attribute=True, cli_name='mx_rec',ist('mxrecord', attribute=True, cli_name='mx_rec', doc='comma-separated list of MX records', label='MX record', multivalue=True, query=True, required=False)
+option: List('mxrecord', _validate_mx, attribute=True, cli_name='mx_rec',ist('mxrecord', _validate_mx, attribute=True, cli_name='mx_rec', doc='comma-separated list of MX records', label='MX record', multivalue=True, query=True, required=False)
 option: List('naptrrecord', attribute=True, cli_name='naptr_rec',ist('naptrrecord', attribute=True, cli_name='naptr_rec', doc='comma-separated list of NAPTR records', label='NAPTR record', multivalue=True, query=True, required=False)
 option: List('nsrecord', attribute=True, cli_name='ns_rec',ist('nsrecord', attribute=True, cli_name='ns_rec', doc='comma-separated list of NS records', label='NS record', multivalue=True, query=True, required=False)
 option: List('nsecrecord', attribute=True, cli_name='nsec_rec',ist('nsecrecord', attribute=True, cli_name='nsec_rec', doc='comma-separated list of NSEC records', label='NSEC record', multivalue=True, query=True, required=False)
diff --git a/ipalib/plugins/dns.py b/ipalib/plugins/dns.py
index 1437011..592945f 100644
--- a/ipalib/plugins/dns.py
+++ b/ipalib/plugins/dns.py
@@ -30,6 +30,9 @@ EXAMPLES:
  Add second nameserver for example.com:
    ipa dnsrecord-add example.com @ --ns-rec nameserver2.example.com
 
+ Add a mail server for example.com:
+   ipa dnsrecord-add example.com @ --mx-rec mail2
+
  Delete previously added nameserver from example.com:
    ipa dnsrecord-del example.com @ --ns-rec nameserver2.example.com
 
@@ -136,11 +139,25 @@ def _validate_srv(ugettext, srv):
 
     return None
 
+def _validate_mx(ugettext, srv):
+    try:
+        prio, host = srv.split()
+    except ValueError:
+        return u'format must be specified as "priority mailserver"'
+
+    try:
+        prio = int(prio)
+    except ValueError:
+        return u'the values of priority must be integer'
+
+    return None
+
 _record_validators = {
     u'A': _validate_ipaddr,
     u'AAAA': _validate_ipaddr,
     u'APL': _validate_ipnet,
     u'SRV': _validate_srv,
+    u'MX': _validate_mx,
 }
 
 def has_cli_options(entry, no_option_msg):
-- 
1.7.4

jhrozek-freeipa-057-mx-record.patch.sig
Description: PGP signature

_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

[Freeipa-devel] [PATCH] 057 Validate MX records

Reply via email to