-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 https://fedorahosted.org/freeipa/ticket/967
I'm wondering whether to extend the patch - if the mail server name does not end with a dot, BIND treats it as relative to the zone. So if you do: ipa dnsrecord-add example.com @ --mx-rec="10 mail.example.com" dig would then return mail.example.com.example.com The correct way of adding it is (note the trailing dot): ipa dnsrecord-add example.com @ --mx-rec="10 mail.example.com." This is in line with how nsupdate works, so should we just document it? A smarter way might be to check if the hostname ends with the zone name and append a dot, but I'm not sure if that perhaps /too/ smart.. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAk1aXtcACgkQHsardTLnvCXY0wCgtkc0kBdPorCgd9oyh4AazDy0 8hoAn0vgX5xQYJv2D9gjjTgnu0mgUMbp =nzLT -----END PGP SIGNATURE-----
From 9b76991ba0dae19c84a2cad2b60775f8ffa3cc9a Mon Sep 17 00:00:00 2001 From: Jakub Hrozek <jhro...@redhat.com> Date: Tue, 15 Feb 2011 10:40:27 +0100 Subject: [PATCH] Validate MX records https://fedorahosted.org/freeipa/ticket/967 --- API.txt | 8 ++++---- ipalib/plugins/dns.py | 17 +++++++++++++++++ 2 files changed, 21 insertions(+), 4 deletions(-) diff --git a/API.txt b/API.txt index fab2241..2ee7fa1 100644 --- a/API.txt +++ b/API.txt @@ -514,7 +514,7 @@ option: List('ipseckeyrecord?', attribute=True, cli_name='ipseckey_rec',ist('ips option: List('keyrecord?', attribute=True, cli_name='key_rec',ist('keyrecord?', attribute=True, cli_name='key_rec', doc='comma-separated list of KEY records', label='KEY record', multivalue=True) option: List('kxrecord?', attribute=True, cli_name='kx_rec',ist('kxrecord?', attribute=True, cli_name='kx_rec', doc='comma-separated list of KX records', label='KX record', multivalue=True) option: List('locrecord?', attribute=True, cli_name='loc_rec',ist('locrecord?', attribute=True, cli_name='loc_rec', doc='comma-separated list of LOC records', label='LOC record', multivalue=True) -option: List('mxrecord?', attribute=True, cli_name='mx_rec',ist('mxrecord?', attribute=True, cli_name='mx_rec', doc='comma-separated list of MX records', label='MX record', multivalue=True) +option: List('mxrecord?', _validate_mx, attribute=True, cli_name='mx_rec',ist('mxrecord?', _validate_mx, attribute=True, cli_name='mx_rec', doc='comma-separated list of MX records', label='MX record', multivalue=True) option: List('naptrrecord?', attribute=True, cli_name='naptr_rec',ist('naptrrecord?', attribute=True, cli_name='naptr_rec', doc='comma-separated list of NAPTR records', label='NAPTR record', multivalue=True) option: List('nsrecord?', attribute=True, cli_name='ns_rec',ist('nsrecord?', attribute=True, cli_name='ns_rec', doc='comma-separated list of NS records', label='NS record', multivalue=True) option: List('nsecrecord?', attribute=True, cli_name='nsec_rec',ist('nsecrecord?', attribute=True, cli_name='nsec_rec', doc='comma-separated list of NSEC records', label='NSEC record', multivalue=True) @@ -558,7 +558,7 @@ option: List('ipseckeyrecord?', attribute=True, cli_name='ipseckey_rec',ist('ips option: List('keyrecord?', attribute=True, cli_name='key_rec',ist('keyrecord?', attribute=True, cli_name='key_rec', doc='comma-separated list of KEY records', label='KEY record', multivalue=True) option: List('kxrecord?', attribute=True, cli_name='kx_rec',ist('kxrecord?', attribute=True, cli_name='kx_rec', doc='comma-separated list of KX records', label='KX record', multivalue=True) option: List('locrecord?', attribute=True, cli_name='loc_rec',ist('locrecord?', attribute=True, cli_name='loc_rec', doc='comma-separated list of LOC records', label='LOC record', multivalue=True) -option: List('mxrecord?', attribute=True, cli_name='mx_rec',ist('mxrecord?', attribute=True, cli_name='mx_rec', doc='comma-separated list of MX records', label='MX record', multivalue=True) +option: List('mxrecord?', _validate_mx, attribute=True, cli_name='mx_rec',ist('mxrecord?', _validate_mx, attribute=True, cli_name='mx_rec', doc='comma-separated list of MX records', label='MX record', multivalue=True) option: List('naptrrecord?', attribute=True, cli_name='naptr_rec',ist('naptrrecord?', attribute=True, cli_name='naptr_rec', doc='comma-separated list of NAPTR records', label='NAPTR record', multivalue=True) option: List('nsrecord?', attribute=True, cli_name='ns_rec',ist('nsrecord?', attribute=True, cli_name='ns_rec', doc='comma-separated list of NS records', label='NS record', multivalue=True) option: List('nsecrecord?', attribute=True, cli_name='nsec_rec',ist('nsecrecord?', attribute=True, cli_name='nsec_rec', doc='comma-separated list of NSEC records', label='NSEC record', multivalue=True) @@ -603,7 +603,7 @@ option: List('ipseckeyrecord?', attribute=True, cli_name='ipseckey_rec',ist('ips option: List('keyrecord?', attribute=True, cli_name='key_rec',ist('keyrecord?', attribute=True, cli_name='key_rec', doc='comma-separated list of KEY records', label='KEY record', multivalue=True) option: List('kxrecord?', attribute=True, cli_name='kx_rec',ist('kxrecord?', attribute=True, cli_name='kx_rec', doc='comma-separated list of KX records', label='KX record', multivalue=True) option: List('locrecord?', attribute=True, cli_name='loc_rec',ist('locrecord?', attribute=True, cli_name='loc_rec', doc='comma-separated list of LOC records', label='LOC record', multivalue=True) -option: List('mxrecord?', attribute=True, cli_name='mx_rec',ist('mxrecord?', attribute=True, cli_name='mx_rec', doc='comma-separated list of MX records', label='MX record', multivalue=True) +option: List('mxrecord?', _validate_mx, attribute=True, cli_name='mx_rec',ist('mxrecord?', _validate_mx, attribute=True, cli_name='mx_rec', doc='comma-separated list of MX records', label='MX record', multivalue=True) option: List('naptrrecord?', attribute=True, cli_name='naptr_rec',ist('naptrrecord?', attribute=True, cli_name='naptr_rec', doc='comma-separated list of NAPTR records', label='NAPTR record', multivalue=True) option: List('nsrecord?', attribute=True, cli_name='ns_rec',ist('nsrecord?', attribute=True, cli_name='ns_rec', doc='comma-separated list of NS records', label='NS record', multivalue=True) option: List('nsecrecord?', attribute=True, cli_name='nsec_rec',ist('nsecrecord?', attribute=True, cli_name='nsec_rec', doc='comma-separated list of NSEC records', label='NSEC record', multivalue=True) @@ -660,7 +660,7 @@ option: List('ipseckeyrecord', attribute=True, cli_name='ipseckey_rec',ist('ipse option: List('keyrecord', attribute=True, cli_name='key_rec',ist('keyrecord', attribute=True, cli_name='key_rec', doc='comma-separated list of KEY records', label='KEY record', multivalue=True, query=True, required=False) option: List('kxrecord', attribute=True, cli_name='kx_rec',ist('kxrecord', attribute=True, cli_name='kx_rec', doc='comma-separated list of KX records', label='KX record', multivalue=True, query=True, required=False) option: List('locrecord', attribute=True, cli_name='loc_rec',ist('locrecord', attribute=True, cli_name='loc_rec', doc='comma-separated list of LOC records', label='LOC record', multivalue=True, query=True, required=False) -option: List('mxrecord', attribute=True, cli_name='mx_rec',ist('mxrecord', attribute=True, cli_name='mx_rec', doc='comma-separated list of MX records', label='MX record', multivalue=True, query=True, required=False) +option: List('mxrecord', _validate_mx, attribute=True, cli_name='mx_rec',ist('mxrecord', _validate_mx, attribute=True, cli_name='mx_rec', doc='comma-separated list of MX records', label='MX record', multivalue=True, query=True, required=False) option: List('naptrrecord', attribute=True, cli_name='naptr_rec',ist('naptrrecord', attribute=True, cli_name='naptr_rec', doc='comma-separated list of NAPTR records', label='NAPTR record', multivalue=True, query=True, required=False) option: List('nsrecord', attribute=True, cli_name='ns_rec',ist('nsrecord', attribute=True, cli_name='ns_rec', doc='comma-separated list of NS records', label='NS record', multivalue=True, query=True, required=False) option: List('nsecrecord', attribute=True, cli_name='nsec_rec',ist('nsecrecord', attribute=True, cli_name='nsec_rec', doc='comma-separated list of NSEC records', label='NSEC record', multivalue=True, query=True, required=False) diff --git a/ipalib/plugins/dns.py b/ipalib/plugins/dns.py index 1437011..592945f 100644 --- a/ipalib/plugins/dns.py +++ b/ipalib/plugins/dns.py @@ -30,6 +30,9 @@ EXAMPLES: Add second nameserver for example.com: ipa dnsrecord-add example.com @ --ns-rec nameserver2.example.com + Add a mail server for example.com: + ipa dnsrecord-add example.com @ --mx-rec mail2 + Delete previously added nameserver from example.com: ipa dnsrecord-del example.com @ --ns-rec nameserver2.example.com @@ -136,11 +139,25 @@ def _validate_srv(ugettext, srv): return None +def _validate_mx(ugettext, srv): + try: + prio, host = srv.split() + except ValueError: + return u'format must be specified as "priority mailserver"' + + try: + prio = int(prio) + except ValueError: + return u'the values of priority must be integer' + + return None + _record_validators = { u'A': _validate_ipaddr, u'AAAA': _validate_ipaddr, u'APL': _validate_ipnet, u'SRV': _validate_srv, + u'MX': _validate_mx, } def has_cli_options(entry, no_option_msg): -- 1.7.4
jhrozek-freeipa-057-mx-record.patch.sig
Description: PGP signature
_______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel