This patch ensures that PTR records added by FreeIPA are compliant with RFC.
https://fedorahosted.org/freeipa/ticket/839 Jan
From 4d2b3200920c90884ddf5a2d5ae784bbe35b41d1 Mon Sep 17 00:00:00 2001 From: Jan Zeleny <jzel...@redhat.com> Date: Wed, 16 Feb 2011 04:47:36 -0500 Subject: [PATCH] Validate that the reverse DNS record is correct This patch ensures that PTR records added by FreeIPA are compliant with RFC. https://fedorahosted.org/freeipa/ticket/839 --- ipalib/plugins/dns.py | 10 ++++++++++ 1 files changed, 10 insertions(+), 0 deletions(-) diff --git a/ipalib/plugins/dns.py b/ipalib/plugins/dns.py index 592945f78c59877fada5fa6c40eee3b1acb564b2..e764d6f558a6ecb0d7b732a1e51b1755beb4f7f4 100644 --- a/ipalib/plugins/dns.py +++ b/ipalib/plugins/dns.py @@ -619,6 +619,16 @@ class dnsrecord_add(LDAPCreate, dnsrecord_cmd_w_record_options): is_ns_rec_resolvable(ns) return dn + def _ptrrecord_pre_callback(self, ldap, dn, entry_attrs, *keys, **options): + components = dn.split(',',2) + addr = components[0].split('=')[1] + zone = components[1].split('=')[1].replace('.in-addr.arpa.','') + + if len(addr.split('.'))+len(zone.split('.')) != 4: + raise errors.ValidationError(name='idnsname', error=u'reversed IP address must have exactly four components') + + return dn + def pre_callback(self, ldap, dn, entry_attrs, *keys, **options): for rtype in options: rtype_cb = '_%s_pre_callback' % rtype -- 1.7.4
_______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel