Add --zonemgr/--admin-mail validator

Do at least a basic validation of DNS zone manager mail address. Do not require '@' to be in the mail address as the SOA record stores this value without it and people may be used to configure it that way. '@' is always removed by the installer/dns plugin before the DNS zone is created. https://fedorahosted.org/freeipa/ticket/1966
2025-02-25 18:55:28 -06:00 · 2011-10-24 18:35:48 +02:00
parent 9bdbdbc0f3
commit b26d0dcc04
6 changed files with 62 additions and 16 deletions
--- a/install/tools/ipa-dns-install
+++ b/install/tools/ipa-dns-install
@@ -48,7 +48,8 @@ def parse_options():
    parser.add_option("--reverse-zone", dest="reverse_zone", help="The reverse DNS zone to use")
    parser.add_option("--no-reverse", dest="no_reverse", action="store_true",
                      default=False, help="Do not create reverse DNS zone")
-    parser.add_option("--zonemgr", dest="zonemgr", 
+    parser.add_option("--zonemgr", action="callback", callback=bindinstance.zonemgr_callback,
+                      type="string",
                      help="DNS zone manager e-mail address. Defaults to root")
    parser.add_option("--zone-notif", dest="zone_notif",
                      action="store_true", default=False,
--- a/install/tools/ipa-server-install
+++ b/install/tools/ipa-server-install
@@ -58,7 +58,6 @@ from ipaserver.plugins.ldap2 import ldap2
 from ipapython import sysrestore
 from ipapython.ipautil import *
 from ipalib import api, errors, util
-from ipalib.parameters import IA5Str
 from ipapython.config import IPAOptionParser
 from ipalib.dn import DN
 from ipalib.x509 import load_certificate_from_file, load_certificate_chain_from_file
@@ -76,16 +75,6 @@ VALID_SUBJECT_ATTRS = ['cn', 'st', 'o', 'ou', 'dnqualifier', 'c',
                       'incorporationlocality', 'incorporationstate',
                       'incorporationcountry', 'businesscategory']

-def zonemgr_callback(option, opt_str, value, parser):
-    """
-    Make sure the zonemgr is an IA5String.
-    """
-    name = opt_str.replace('--','')
-    v = unicode(value, 'utf-8')
-    ia = IA5Str(name)
-    ia._convert_scalar(v)
-    parser.values.zonemgr = value
-
 def subject_callback(option, opt_str, value, parser):
    """
    Make sure the certificate subject base is a valid DN
@@ -195,7 +184,7 @@ def parse_options():
    dns_group.add_option("--reverse-zone", dest="reverse_zone", help="The reverse DNS zone to use")
    dns_group.add_option("--no-reverse", dest="no_reverse", action="store_true",
                      default=False, help="Do not create reverse DNS zone")
-    dns_group.add_option("--zonemgr", action="callback", callback=zonemgr_callback,
+    dns_group.add_option("--zonemgr", action="callback", callback=bindinstance.zonemgr_callback,
                      type="string",
                      help="DNS zone manager e-mail address. Defaults to root")
    dns_group.add_option("--zone-notif", dest="zone_notif",