fix forwarder validation errors

Fix tests, validation in dnsconfig mod, wuser warning

Reviewed-By: Petr Spacek <pspacek@redhat.com>

ipalib/plugins/dns.py

@@ -3942,12 +3942,14 @@ class dnsconfig_mod(LDAPUpdate):
         # test dnssec forwarders
         non_dnssec_forwarders = []
         not_responding_forwarders = []
-        for forwarder in options.get('idnsforwarders', []):
-            dnssec_status = validate_dnssec_forwarder(forwarder)
-            if dnssec_status is None:
-                not_responding_forwarders.append(forwarder)
-            elif dnssec_status is False:
-                non_dnssec_forwarders.append(forwarder)
+        forwarders = options.get('idnsforwarders')
+        if forwarders:
+            for forwarder in forwarders:
+                dnssec_status = validate_dnssec_forwarder(forwarder)
+                if dnssec_status is None:
+                    not_responding_forwarders.append(forwarder)
+                elif dnssec_status is False:
+                    non_dnssec_forwarders.append(forwarder)
 
         result = super(dnsconfig_mod, self).execute(*keys, **options)
         self.obj.postprocess_result(result)

ipaserver/install/bindinstance.py

@@ -464,8 +464,10 @@ def check_forwarders(dns_forwarders, logger):
             logger.warning("DNS forwarder %s does not return DNSSEC signatures in answers", forwarder)
             logger.warning("Please fix forwarder configuration to enable DNSSEC support.\n"
                 "(For BIND 9 add directive \"dnssec-enable yes;\" to \"options {}\")")
-            print ("WARNING: DNS forwarder %s is not configured to support "
-                   "DNSSEC" % forwarder)
+            print ("WARNING: DNS forwarder %s does not return DNSSEC "
+                   "signatures in answers" % forwarder)
+            print "Please fix forwarder configuration to enable DNSSEC support."
+            print "(For BIND 9 add directive \"dnssec-enable yes;\" to \"options {}\")"
 
     return forwarders_dnssec_valid
 

ipatests/test_xmlrpc/test_dns_plugin.py

@@ -1662,6 +1662,12 @@ class test_dns(Declarative):
             expected={
                 'value': None,
                 'summary': None,
+                u'messages': (
+                    {u'message': u'DNS server 172.16.31.80 not responding.',
+                     u'code': 13006,
+                     u'type':u'warning',
+                     u'name': u'DNSServerNotRespondingWarning'},
+                ),
                 'result': {
                     'idnsforwarders': [fwd_ip],
                 },