Loopback address, "localhost" and "localnets" ACIs are no longer an issue for bind-dyndb-ldap. Allow them in our validators.
-- Martin Kosek <mko...@redhat.com> Senior Software Engineer - Identity Management Team Red Hat Inc.
>From 74dcac478622c502bab7aef9ba7bade0bd9a704f Mon Sep 17 00:00:00 2001 From: Martin Kosek <mko...@redhat.com> Date: Thu, 6 Sep 2012 11:34:02 +0200 Subject: [PATCH] Allow localhost in zone ACIs Loopback address, "localhost" and "localnets" ACIs are no longer an issue for bind-dyndb-ldap. Allow them in our validators. --- ipalib/plugins/dns.py | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/ipalib/plugins/dns.py b/ipalib/plugins/dns.py index 3987001f06dba1bcc5a311243e4f1fdcf83091c7..e9f8b0cc0103706c5bbf933b14c372c369ff86b2 100644 --- a/ipalib/plugins/dns.py +++ b/ipalib/plugins/dns.py @@ -299,18 +299,15 @@ def _validate_bind_aci(ugettext, bind_acis): bind_acis.pop(-1) for bind_aci in bind_acis: - if bind_aci in ("any", "none"): + if bind_aci in ("any", "none", "localhost", "localnets"): continue - if bind_aci in ("localhost", "localnets"): - return _('ACL name "%s" is not supported') % bind_aci - if bind_aci.startswith('!'): bind_aci = bind_aci[1:] try: ip = CheckedIPAddress(bind_aci, parse_netmask=True, - allow_network=True) + allow_network=True, allow_loopback=True) except (netaddr.AddrFormatError, ValueError), e: return unicode(e) except UnboundLocalError: @@ -335,7 +332,7 @@ def _normalize_bind_aci(bind_acis): try: ip = CheckedIPAddress(bind_aci, parse_netmask=True, - allow_network=True) + allow_network=True, allow_loopback=True) if '/' in bind_aci: # addr with netmask netmask = "/%s" % ip.prefixlen else: -- 1.7.11.4
_______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel