IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Ease zonemgr restrictions

Browse Source 
Admin e-mail validator currently requires an email to be in
a second-level domain (hostmaster@example.com). This is too
restrictive. Top level domain e-mails (hostmaster@testrelm)
should also be allowed.

This patch also fixes default zonemgr value in help texts and man
pages.

https://fedorahosted.org/freeipa/ticket/2272
This commit is contained in:
Martin Kosek 2012-02-20 13:40:13 +01:00
parent 8ec98dfcae
commit e10af0b764
5 changed files with 7 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
install/tools/ipa-dns-install
View File

@ -51,7 +51,7 @@ def parse_options():
default=False, help="Do not create new reverse DNS zone") default=False, help="Do not create new reverse DNS zone")
parser.add_option("--zonemgr", action="callback", callback=bindinstance.zonemgr_callback, parser.add_option("--zonemgr", action="callback", callback=bindinstance.zonemgr_callback,
type="string", type="string",
help="DNS zone manager e-mail address. Defaults to root") help="DNS zone manager e-mail address. Defaults to hostmaster@DOMAIN")
parser.add_option("--zone-notif", dest="zone_notif", parser.add_option("--zone-notif", dest="zone_notif",
action="store_true", default=False, action="store_true", default=False,
help="Let name server receive notification when a new zone is added." \ help="Let name server receive notification when a new zone is added." \

2
install/tools/ipa-server-install
View File

@ -192,7 +192,7 @@ def parse_options():
default=False, help="Do not create reverse DNS zone") default=False, help="Do not create reverse DNS zone")
dns_group.add_option("--zonemgr", action="callback", callback=bindinstance.zonemgr_callback, dns_group.add_option("--zonemgr", action="callback", callback=bindinstance.zonemgr_callback,
type="string", type="string",
help="DNS zone manager e-mail address. Defaults to root") help="DNS zone manager e-mail address. Defaults to hostmaster@DOMAIN")
dns_group.add_option("--zone-notif", dest="zone_notif", dns_group.add_option("--zone-notif", dest="zone_notif",
action="store_true", default=False, action="store_true", default=False,
help="Let name server receive notification when a new zone is added." \ help="Let name server receive notification when a new zone is added." \

2
install/tools/man/ipa-dns-install.1
View File

@ -47,7 +47,7 @@ The reverse DNS zone to use
Do not create new reverse DNS zone. If used on a replica and a reverse DNS zone already exists for the subnet, it will be used. Do not create new reverse DNS zone. If used on a replica and a reverse DNS zone already exists for the subnet, it will be used.
.TP .TP
\fB\-\-zonemgr\fR \fB\-\-zonemgr\fR
The e\-mail address of the DNS zone manager. Defaults too root@host.domain The e\-mail address of the DNS zone manager. Defaults to hostmaster@DOMAIN
.TP .TP
\fB\-\-zone\-notif\fR \fB\-\-zone\-notif\fR
Let name server receive notifications when a new zone is added. New zone is then immediately loaded by the name server. This feature uses an LDAP Persistent Search mechanism to receive the data. Zone refresh is turned off when zone notifications are enabled. Let name server receive notifications when a new zone is added. New zone is then immediately loaded by the name server. This feature uses an LDAP Persistent Search mechanism to receive the data. Zone refresh is turned off when zone notifications are enabled.

2
install/tools/man/ipa-server-install.1
View File

@ -143,7 +143,7 @@ The reverse DNS zone to use
Do not create reverse DNS zone Do not create reverse DNS zone
.TP .TP
\fB\-\-zonemgr\fR \fB\-\-zonemgr\fR
The e\-mail address of the DNS zone manager. Defaults to root@host.domain The e\-mail address of the DNS zone manager. Defaults to hostmaster@DOMAIN
.TP .TP
\fB\-\-zone\-notif\fR \fB\-\-zone\-notif\fR
Let name server receive notifications when a new zone is added. New zone is then immediately loaded by the name server. This feature uses an LDAP Persistent Search mechanism to receive the data. Zone refresh is turned off when zone notifications are enabled. Let name server receive notifications when a new zone is added. New zone is then immediately loaded by the name server. This feature uses an LDAP Persistent Search mechanism to receive the data. Zone refresh is turned off when zone notifications are enabled.

9
ipalib/util.py
View File

@ -231,6 +231,8 @@ def validate_zonemgr(zonemgr):
local_part, dot, domain = zonemgr.partition('@') local_part, dot, domain = zonemgr.partition('@')
if not regex_local_part.match(local_part): if not regex_local_part.match(local_part):
raise ValueError(local_part_errmsg) raise ValueError(local_part_errmsg)
if not domain:
raise ValueError(_('missing address domain'))
elif zonemgr.count('@') > 1: elif zonemgr.count('@') > 1:
raise ValueError(_('too many \'@\' characters')) raise ValueError(_('too many \'@\' characters'))
else: else:
@ -238,8 +240,7 @@ def validate_zonemgr(zonemgr):
if last_fake_sep != -1: # there is a 'fake' local-part/domain separator if last_fake_sep != -1: # there is a 'fake' local-part/domain separator
sep = zonemgr.find('.', last_fake_sep+2) sep = zonemgr.find('.', last_fake_sep+2)
if sep == -1: if sep == -1:
raise ValueError(_('address domain is not fully qualified ' \ raise ValueError(_('missing address domain'))
'("example.com" instead of just "example")'))
local_part = zonemgr[:sep] local_part = zonemgr[:sep]
domain = zonemgr[sep+1:] domain = zonemgr[sep+1:]
@ -251,10 +252,6 @@ def validate_zonemgr(zonemgr):
if not regex_local_part.match(local_part): if not regex_local_part.match(local_part):
raise ValueError(local_part_errmsg) raise ValueError(local_part_errmsg)
if '.' not in domain:
raise ValueError(_('address domain is not fully qualified ' \
'("example.com" instead of just "example")'))
if not all(regex_domain.match(part) for part in domain.split(".")): if not all(regex_domain.match(part) for part in domain.split(".")):
raise ValueError(_('domain name may only include letters, numbers, and -')) raise ValueError(_('domain name may only include letters, numbers, and -'))