IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

DNS tests for classless reverse domains

Browse Source 
Ticket: https://fedorahosted.org/freeipa/ticket/4143
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
This commit is contained in:
Martin Basti 2014-01-31 15:52:35 +01:00 committed by Martin Kosek
parent 8ede71fd84
commit 5d65856588
4 changed files with 246 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

251
ipatests/test_xmlrpc/test_dns_plugin.py
View File

@ -42,6 +42,17 @@ zone2_dn = DN(('idnsname', zone2), api.env.container_dns, api.env.basedn)
zone2_ns = u'ns1.%s.' % zone2 zone2_ns = u'ns1.%s.' % zone2
zone2_rname = u'root.%s.' % zone2 zone2_rname = u'root.%s.' % zone2
zone3 = u'zone3.test'
zone3_ip = u'192.168.1.1'
zone3_ip2 = u'192.168.1.129'
zone3_dn = DN(('idnsname', zone3), api.env.container_dns, api.env.basedn)
zone3_ns = u'ns1.%s.' % zone3
zone3_ns2 = u'ns2.%s.' % zone3
zone3_rname = u'root.%s.' % zone3
zone3_ns2_arec = u'ns2'
zone3_ns2_arec_dn = DN(('idnsname',zone3_ns2_arec), zone3_dn)
revzone1 = u'31.16.172.in-addr.arpa.' revzone1 = u'31.16.172.in-addr.arpa.'
revzone1_ip = u'172.16.31.0' revzone1_ip = u'172.16.31.0'
revzone1_ipprefix = u'172.16.31.' revzone1_ipprefix = u'172.16.31.'
@ -51,6 +62,16 @@ revzone2 = u'30.15.172.in-addr.arpa.'
revzone2_ip = u'172.15.30.0/24' revzone2_ip = u'172.15.30.0/24'
revzone2_dn = DN(('idnsname',revzone2), api.env.container_dns, api.env.basedn) revzone2_dn = DN(('idnsname',revzone2), api.env.container_dns, api.env.basedn)
revzone3_classless1 = u'1.168.192.in-addr.arpa.'
revzone3_classless1_ip = u'192.168.1.0'
revzone3_classless1_ipprefix = u'192.168.1.'
revzone3_classless1_dn = DN(('idnsname', revzone3_classless1), api.env.container_dns, api.env.basedn)
revzone3_classless2 = u'128/25.1.168.192.in-addr.arpa.'
revzone3_classless2_ip = u'192.168.1.128'
revzone3_classless2_ipprefix = u'192.168.1.'
revzone3_classless2_dn = DN(('idnsname', revzone3_classless2), api.env.container_dns, api.env.basedn)
name1 = u'testdnsres' name1 = u'testdnsres'
name1_dn = DN(('idnsname',name1), zone1_dn) name1_dn = DN(('idnsname',name1), zone1_dn)
name1_renamed = u'testdnsres-renamed' name1_renamed = u'testdnsres-renamed'
@ -69,6 +90,17 @@ cname_dn = DN(('idnsname',cname), zone1_dn)
dname = u'testdns-dname' dname = u'testdns-dname'
dname_dn = DN(('idnsname',dname), zone1_dn) dname_dn = DN(('idnsname',dname), zone1_dn)
nsrev = u'128/25'
nsrev_dn = DN(('idnsname',nsrev), revzone3_classless1_dn)
cnamerev = u'129'
cnamerev_dn = DN(('idnsname',cnamerev), revzone3_classless1_dn)
cnamerev_hostname = u'129.128/25.1.168.192.in-addr.arpa.'
ptr_revzone3 = u'129'
ptr_revzone3_dn = DN(('idnsname',cnamerev), revzone3_classless2_dn)
ptr_revzone3_hostname = zone3_ns2;
relnxname = u'does-not-exist-test' relnxname = u'does-not-exist-test'
absnxname = u'does.not.exist.test.' absnxname = u'does.not.exist.test.'
@ -103,7 +135,8 @@ class test_dns(Declarative):
pass pass
cleanup_commands = [ cleanup_commands = [
('dnszone_del', [zone1, zone2, revzone1, revzone2], ('dnszone_del', [zone1, zone2, zone3, revzone1, revzone2,
revzone3_classless1, revzone3_classless2],
{'continue': True}), {'continue': True}),
('dnsconfig_mod', [], {'idnsforwarders' : None, ('dnsconfig_mod', [], {'idnsforwarders' : None,
'idnsforwardpolicy' : None, 'idnsforwardpolicy' : None,
@ -148,8 +181,8 @@ class test_dns(Declarative):
} }
), ),
expected=errors.ValidationError(name='name', expected=errors.ValidationError(name='name',
error=u'only letters, numbers, and - are allowed. ' + error=u"only letters, numbers, '-' are allowed." +
u'DNS label may not start or end with -'), u" DNS label may not start or end with '-'"),
), ),
@ -525,8 +558,8 @@ class test_dns(Declarative):
desc='Try to create record with invalid name in zone %r' % zone1, desc='Try to create record with invalid name in zone %r' % zone1,
command=('dnsrecord_add', [zone1, u'invalid record'], {'arecord': arec2}), command=('dnsrecord_add', [zone1, u'invalid record'], {'arecord': arec2}),
expected=errors.ValidationError(name='name', expected=errors.ValidationError(name='name',
error=u'only letters, numbers, _, and - are allowed. ' + error=u"only letters, numbers, '_', '/', '-' are allowed." +
u'DNS label may not start or end with -'), u" DNS label may not start or end with '/', '-'"),
), ),
@ -701,8 +734,8 @@ class test_dns(Declarative):
'srv_part_port' : 123, 'srv_part_port' : 123,
'srv_part_target' : u'foo bar'}), 'srv_part_target' : u'foo bar'}),
expected=errors.ValidationError(name='srv_target', expected=errors.ValidationError(name='srv_target',
error=u'invalid domain-name: only letters, numbers, _, and - ' + error=u"invalid domain-name: only letters, numbers, '_', '-' are allowed." +
u'are allowed. DNS label may not start or end with -'), u" DNS label may not start or end with '-'"),
), ),
dict( dict(
@ -804,8 +837,8 @@ class test_dns(Declarative):
desc='Try to add invalid CNAME record %r using dnsrecord_add' % (cname), desc='Try to add invalid CNAME record %r using dnsrecord_add' % (cname),
command=('dnsrecord_add', [zone1, cname], {'cnamerecord': u'-.%s' % relnxname}), command=('dnsrecord_add', [zone1, cname], {'cnamerecord': u'-.%s' % relnxname}),
expected=errors.ValidationError(name='hostname', expected=errors.ValidationError(name='hostname',
error=u'invalid domain-name: only letters, numbers, _, and - ' + error=u"invalid domain-name: only letters, numbers, '_', '/', '-' are allowed." +
u'are allowed. DNS label may not start or end with -'), u" DNS label may not start or end with '/', '-'"),
), ),
dict( dict(
@ -874,8 +907,8 @@ class test_dns(Declarative):
command=('dnsrecord_add', [zone1, dname], {'dnamerecord': u'-.%s' command=('dnsrecord_add', [zone1, dname], {'dnamerecord': u'-.%s'
% absnxname}), % absnxname}),
expected=errors.ValidationError(name='target', expected=errors.ValidationError(name='target',
error=u'invalid domain-name: only letters, numbers, _, and - ' + error=u"invalid domain-name: only letters, numbers, '_', '/', '-' are allowed." +
u'are allowed. DNS label may not start or end with -'), u" DNS label may not start or end with '/', '-'"),
), ),
dict( dict(
@ -1159,8 +1192,8 @@ class test_dns(Declarative):
desc='Try to add invalid PTR %r to %r using dnsrecord_add' % (revname1, revzone1), desc='Try to add invalid PTR %r to %r using dnsrecord_add' % (revname1, revzone1),
command=('dnsrecord_add', [revzone1, revname1], {'ptrrecord': u'-.%s' % relnxname}), command=('dnsrecord_add', [revzone1, revname1], {'ptrrecord': u'-.%s' % relnxname}),
expected=errors.ValidationError(name='hostname', expected=errors.ValidationError(name='hostname',
error=u'invalid domain-name: only letters, numbers, and - ' + error=u"invalid domain-name: only letters, numbers, '-' " +
u'are allowed. DNS label may not start or end with -'), u"are allowed. DNS label may not start or end with '-'"),
), ),
dict( dict(
@ -1551,4 +1584,196 @@ class test_dns(Declarative):
}, },
), ),
dict(
desc='Create zone %r' % zone3,
command=(
'dnszone_add', [zone3], {
'idnssoamname': zone3_ns,
'idnssoarname': zone3_rname,
'ip_address' : zone3_ip,
}
),
expected={
'value': zone3,
'summary': None,
'result': {
'dn': zone3_dn,
'idnsname': [zone3],
'idnszoneactive': [u'TRUE'],
'idnssoamname': [zone3_ns],
'nsrecord': [zone3_ns],
'idnssoarname': [zone3_rname],
'idnssoaserial': [fuzzy_digits],
'idnssoarefresh': [fuzzy_digits],
'idnssoaretry': [fuzzy_digits],
'idnssoaexpire': [fuzzy_digits],
'idnssoaminimum': [fuzzy_digits],
'idnsallowdynupdate': [u'FALSE'],
'idnsupdatepolicy': [u'grant %(realm)s krb5-self * A; '
u'grant %(realm)s krb5-self * AAAA; '
u'grant %(realm)s krb5-self * SSHFP;'
% dict(realm=api.env.realm)],
'idnsallowtransfer': [u'none;'],
'idnsallowquery': [u'any;'],
'objectclass': objectclasses.dnszone,
},
},
),
dict(
desc='Add A record to %r in zone %r' % (zone3_ns2_arec, zone3),
command=('dnsrecord_add', [zone3, zone3_ns2_arec], {'arecord': zone3_ip2}),
expected={
'value': zone3_ns2_arec,
'summary': None,
'result': {
'dn': zone3_ns2_arec_dn,
'idnsname': [zone3_ns2_arec],
'arecord': [zone3_ip2],
'objectclass': objectclasses.dnsrecord,
},
},
),
dict(
desc='Create reverse zone %r' % revzone3_classless1,
command=(
'dnszone_add', [revzone3_classless1], {
'idnssoamname': zone3_ns,
'idnssoarname': zone3_rname,
}
),
expected={
'value': revzone3_classless1,
'summary': None,
'result': {
'dn': revzone3_classless1_dn,
'idnsname': [revzone3_classless1],
'idnszoneactive': [u'TRUE'],
'idnssoamname': [zone3_ns],
'nsrecord': [zone3_ns],
'idnssoarname': [zone3_rname],
'idnssoaserial': [fuzzy_digits],
'idnssoarefresh': [fuzzy_digits],
'idnssoaretry': [fuzzy_digits],
'idnssoaexpire': [fuzzy_digits],
'idnssoaminimum': [fuzzy_digits],
'idnsallowdynupdate': [u'FALSE'],
'idnsupdatepolicy': [u'grant %(realm)s krb5-subdomain %(zone)s PTR;'
% dict(realm=api.env.realm, zone=revzone3_classless1)],
'idnsallowtransfer': [u'none;'],
'idnsallowquery': [u'any;'],
'objectclass': objectclasses.dnszone,
},
},
),
dict(
desc='Create classless reverse zone %r' % revzone3_classless2,
command=(
'dnszone_add', [revzone3_classless2], {
'idnssoamname': zone3_ns2,
'idnssoarname': zone3_rname,
}
),
expected={
'value': revzone3_classless2,
'summary': None,
'result': {
'dn': revzone3_classless2_dn,
'idnsname': [revzone3_classless2],
'idnszoneactive': [u'TRUE'],
'idnssoamname': [zone3_ns2],
'nsrecord': [zone3_ns2],
'idnssoarname': [zone3_rname],
'idnssoaserial': [fuzzy_digits],
'idnssoarefresh': [fuzzy_digits],
'idnssoaretry': [fuzzy_digits],
'idnssoaexpire': [fuzzy_digits],
'idnssoaminimum': [fuzzy_digits],
'idnsallowdynupdate': [u'FALSE'],
'idnsupdatepolicy': [u'grant %(realm)s krb5-subdomain %(zone)s PTR;'
% dict(realm=api.env.realm, zone=revzone3_classless2)],
'idnsallowtransfer': [u'none;'],
'idnsallowquery': [u'any;'],
'objectclass': objectclasses.dnszone,
},
},
),
dict(
desc='Add NS record to %r in revzone %r' % (nsrev, revzone3_classless1),
command=('dnsrecord_add', [revzone3_classless1, nsrev], {'nsrecord': zone3_ns2}),
expected={
'value': nsrev,
'summary': None,
'result': {
'dn': nsrev_dn,
'idnsname': [nsrev],
'nsrecord': [zone3_ns2],
'objectclass': objectclasses.dnsrecord,
},
},
),
dict(
desc='Add CNAME record to %r in revzone %r' % (cnamerev, revzone3_classless1),
command=('dnsrecord_add', [revzone3_classless1, cnamerev], {'cnamerecord': cnamerev_hostname}),
expected={
'value': cnamerev,
'summary': None,
'result': {
'dn': cnamerev_dn,
'idnsname': [cnamerev],
'cnamerecord': [cnamerev_hostname],
'objectclass': objectclasses.dnsrecord,
},
},
),
dict(
desc='Add PTR record to %r in revzone %r' % (ptr_revzone3, revzone3_classless2),
command=('dnsrecord_add', [revzone3_classless2, cnamerev],
{'ptrrecord': ptr_revzone3_hostname}),
expected={
'value': ptr_revzone3,
'summary': None,
'result': {
'dn': ptr_revzone3_dn,
'idnsname': [ptr_revzone3],
'ptrrecord': [ptr_revzone3_hostname],
'objectclass': objectclasses.dnsrecord,
},
},
),
dict(
desc='Try to create zone with invalid name',
command=(
'dnszone_add', [u'invalid/zone'], {
'idnssoamname': zone1_ns,
'idnssoarname': zone1_rname,
'ip_address' : zone1_ip,
}
),
expected=errors.ValidationError(name='name',
error=u"only letters, numbers, '-' are allowed." +
u" DNS label may not start or end with '-'"),
),
dict(
desc='Try to add NS record %r to non-reverse zone %r using dnsrecord_add' % (nsrev, zone1),
command=('dnsrecord_add', [zone1, nsrev], {'nsrecord': zone3_ns2}),
expected=errors.ValidationError(name='idnsname',
error=u"only letters, numbers, '_', '-' are allowed." +
u" DNS label may not start or end with '-'"),
),
dict(
desc='Try to add invalid PTR hostname %r to %r using dnsrecord_add' % (cnamerev_hostname, revzone1),
command=('dnsrecord_add', [revzone1, revname1], {'ptrrecord': cnamerev_hostname }),
expected=errors.ValidationError(name='hostname',
error=u"invalid domain-name: only letters, numbers, '-' are allowed." +
u" DNS label may not start or end with '-'"),
),
] ]

8
ipatests/test_xmlrpc/test_netgroup_plugin.py
View File

@ -341,8 +341,8 @@ class test_netgroup(Declarative):
desc='Add invalid host %r to netgroup %r' % (invalidhost, netgroup1), desc='Add invalid host %r to netgroup %r' % (invalidhost, netgroup1),
command=('netgroup_add_member', [netgroup1], dict(host=invalidhost)), command=('netgroup_add_member', [netgroup1], dict(host=invalidhost)),
expected=errors.ValidationError(name='host', expected=errors.ValidationError(name='host',
error='only letters, numbers, _, and - are allowed. ' + error=u"only letters, numbers, '_', '-' are allowed. " +
u'DNS label may not start or end with -'), u"DNS label may not start or end with '-'"),
), ),
@ -782,8 +782,8 @@ class test_netgroup(Declarative):
dict(setattr='externalhost=%s' % invalidhost) dict(setattr='externalhost=%s' % invalidhost)
), ),
expected=errors.ValidationError(name='externalhost', expected=errors.ValidationError(name='externalhost',
error='only letters, numbers, _, and - are allowed. ' + error=u"only letters, numbers, '_', '-' are allowed. " +
'DNS label may not start or end with -'), u"DNS label may not start or end with '-'"),
), ),
dict( dict(

4
ipatests/test_xmlrpc/test_radiusproxy_plugin.py
View File

@ -240,8 +240,8 @@ class test_raduisproxy(Declarative):
for fqdn, error in ( for fqdn, error in (
(radius1_fqdn + u':0x5a', 'invalid port number'), (radius1_fqdn + u':0x5a', 'invalid port number'),
(radius1_fqdn + u':1:2:3', (radius1_fqdn + u':1:2:3',
'only letters, numbers, _, and - are allowed. DNS label may not ' "only letters, numbers, '_', '-' are allowed. DNS label may not "
'start or end with -'), "start or end with '-'"),
(u'bogus', 'not fully qualified'), (u'bogus', 'not fully qualified'),
) )
] + [ ] + [

4
ipatests/test_xmlrpc/test_sudorule_plugin.py
View File

@ -496,8 +496,8 @@ class test_sudorule(XMLRPC_test):
) )
except errors.ValidationError, e: except errors.ValidationError, e:
assert unicode(e) == ("invalid 'externalhost': only letters, " + assert unicode(e) == ("invalid 'externalhost': only letters, " +
"numbers, _, and - are allowed. " + "numbers, '_', '-' are allowed. " +
"DNS label may not start or end with -") "DNS label may not start or end with '-'")
else: else:
assert False assert False