IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Improve DNS record data validation

Browse Source 
Implement missing validators for DNS RR types so that we can capture
at least basic user errors. Additionally, a normalizer creating
a fully-qualified domain name has been implemented for several RRs
where name server may mis-interpret the domain name otherwise.

Unit tests exercising these new validators for the most common
RR types have been added. This patch also consolidates hard-coded
values in DNS test to one place.

https://fedorahosted.org/freeipa/ticket/1106
This commit is contained in:
Martin Kosek
2011-11-09 17:35:52 +01:00
committed by Rob Crittenden
parent 9405e1a9db
commit efc3e2c1f7
4 changed files with 757 additions and 284 deletions
Download Patch File Download Diff File Expand all files Collapse all files

340
API.txt
View File

@@ -613,40 +613,40 @@ option: Flag('force', autofill=True, default=False, flags=['no_option', 'no_outp
option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui', flags=['no_output']) option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui', flags=['no_output'])
option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui', flags=['no_output']) option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui', flags=['no_output'])
option: Str('version?', exclude='webui', flags=['no_option', 'no_output']) option: Str('version?', exclude='webui', flags=['no_option', 'no_output'])
option: List('arecord?', _validate_ipaddr, attribute=True, cli_name='a_rec', label='A record', multivalue=True) option: List('arecord?', _validate_ipaddr, attribute=True, cli_name='a_rec', label='A record', multivalue=True, normalizer=None)
option: List('aaaarecord?', _validate_ipaddr, attribute=True, cli_name='aaaa_rec', label='AAAA record', multivalue=True) option: List('aaaarecord?', _validate_ipaddr, attribute=True, cli_name='aaaa_rec', label='AAAA record', multivalue=True, normalizer=None)
option: List('a6record?', attribute=True, cli_name='a6_rec', label='A6 record', multivalue=True) option: List('a6record?', attribute=True, cli_name='a6_rec', label='A6 record', multivalue=True, normalizer=None)
option: List('afsdbrecord?', attribute=True, cli_name='afsdb_rec', label='AFSDB record', multivalue=True) option: List('afsdbrecord?', _validate_afsdb, attribute=True, cli_name='afsdb_rec', label='AFSDB record', multivalue=True, normalizer=None)
option: List('aplrecord?', _validate_ipnet, attribute=True, cli_name='apl_rec', label='APL record', multivalue=True) option: List('aplrecord?', _validate_unsupported, attribute=True, cli_name='apl_rec', label='APL record', multivalue=True, normalizer=None)
option: List('certrecord?', attribute=True, cli_name='cert_rec', label='CERT record', multivalue=True) option: List('certrecord?', _validate_cert, attribute=True, cli_name='cert_rec', label='CERT record', multivalue=True, normalizer=None)
option: List('cnamerecord?', attribute=True, cli_name='cname_rec', label='CNAME record', multivalue=True) option: List('cnamerecord?', _validate_cname, attribute=True, cli_name='cname_rec', label='CNAME record', multivalue=True, normalizer=_normalize_domain_name)
option: List('dhcidrecord?', attribute=True, cli_name='dhcid_rec', label='DHCID record', multivalue=True) option: List('dhcidrecord?', _validate_unsupported, attribute=True, cli_name='dhcid_rec', label='DHCID record', multivalue=True, normalizer=None)
option: List('dlvrecord?', attribute=True, cli_name='dlv_rec', label='DLV record', multivalue=True) option: List('dlvrecord?', _validate_unsupported, attribute=True, cli_name='dlv_rec', label='DLV record', multivalue=True, normalizer=None)
option: List('dnamerecord?', attribute=True, cli_name='dname_rec', label='DNAME record', multivalue=True) option: List('dnamerecord?', _validate_dname, attribute=True, cli_name='dname_rec', label='DNAME record', multivalue=True, normalizer=_normalize_domain_name)
option: List('dnskeyrecord?', attribute=True, cli_name='dnskey_rec', label='DNSKEY record', multivalue=True) option: List('dnskeyrecord?', _validate_unsupported, attribute=True, cli_name='dnskey_rec', label='DNSKEY record', multivalue=True, normalizer=None)
option: List('dsrecord?', attribute=True, cli_name='ds_rec', label='DS record', multivalue=True) option: List('dsrecord?', _validate_ds, attribute=True, cli_name='ds_rec', label='DS record', multivalue=True, normalizer=None)
option: List('hiprecord?', attribute=True, cli_name='hip_rec', label='HIP record', multivalue=True) option: List('hiprecord?', _validate_unsupported, attribute=True, cli_name='hip_rec', label='HIP record', multivalue=True, normalizer=None)
option: List('ipseckeyrecord?', attribute=True, cli_name='ipseckey_rec', label='IPSECKEY record', multivalue=True) option: List('ipseckeyrecord?', _validate_unsupported, attribute=True, cli_name='ipseckey_rec', label='IPSECKEY record', multivalue=True, normalizer=None)
option: List('keyrecord?', attribute=True, cli_name='key_rec', label='KEY record', multivalue=True) option: List('keyrecord?', _validate_key, attribute=True, cli_name='key_rec', label='KEY record', multivalue=True, normalizer=None)
option: List('kxrecord?', attribute=True, cli_name='kx_rec', label='KX record', multivalue=True) option: List('kxrecord?', _validate_kx, attribute=True, cli_name='kx_rec', label='KX record', multivalue=True, normalizer=None)
option: List('locrecord?', attribute=True, cli_name='loc_rec', label='LOC record', multivalue=True) option: List('locrecord?', _validate_loc, attribute=True, cli_name='loc_rec', label='LOC record', multivalue=True, normalizer=None)
option: List('mxrecord?', _validate_mx, attribute=True, cli_name='mx_rec', label='MX record', multivalue=True) option: List('mxrecord?', _validate_mx, attribute=True, cli_name='mx_rec', label='MX record', multivalue=True, normalizer=None)
option: List('naptrrecord?', _validate_naptr, attribute=True, cli_name='naptr_rec', label='NAPTR record', multivalue=True) option: List('naptrrecord?', _validate_naptr, attribute=True, cli_name='naptr_rec', label='NAPTR record', multivalue=True, normalizer=None)
option: List('nsrecord?', attribute=True, cli_name='ns_rec', label='NS record', multivalue=True) option: List('nsrecord?', _validate_ns, attribute=True, cli_name='ns_rec', label='NS record', multivalue=True, normalizer=_normalize_domain_name)
option: List('nsecrecord?', attribute=True, cli_name='nsec_rec', label='NSEC record', multivalue=True) option: List('nsecrecord?', _validate_nsec, attribute=True, cli_name='nsec_rec', label='NSEC record', multivalue=True, normalizer=None)
option: List('nsec3record?', attribute=True, cli_name='nsec3_rec', label='NSEC3 record', multivalue=True) option: List('nsec3record?', _validate_unsupported, attribute=True, cli_name='nsec3_rec', label='NSEC3 record', multivalue=True, normalizer=None)
option: List('nsec3paramrecord?', attribute=True, cli_name='nsec3param_rec', label='NSEC3PARAM record', multivalue=True) option: List('nsec3paramrecord?', _validate_unsupported, attribute=True, cli_name='nsec3param_rec', label='NSEC3PARAM record', multivalue=True, normalizer=None)
option: List('ptrrecord?', attribute=True, cli_name='ptr_rec', label='PTR record', multivalue=True) option: List('ptrrecord?', _validate_ptr, attribute=True, cli_name='ptr_rec', label='PTR record', multivalue=True, normalizer=_normalize_domain_name)
option: List('rrsigrecord?', attribute=True, cli_name='rrsig_rec', label='RRSIG record', multivalue=True) option: List('rrsigrecord?', _validate_sig, attribute=True, cli_name='rrsig_rec', label='RRSIG record', multivalue=True, normalizer=None)
option: List('rprecord?', attribute=True, cli_name='rp_rec', label='RP record', multivalue=True) option: List('rprecord?', _validate_unsupported, attribute=True, cli_name='rp_rec', label='RP record', multivalue=True, normalizer=None)
option: List('sigrecord?', attribute=True, cli_name='sig_rec', label='SIG record', multivalue=True) option: List('sigrecord?', _validate_sig, attribute=True, cli_name='sig_rec', label='SIG record', multivalue=True, normalizer=None)
option: List('spfrecord?', attribute=True, cli_name='spf_rec', label='SPF record', multivalue=True) option: List('spfrecord?', attribute=True, cli_name='spf_rec', label='SPF record', multivalue=True, normalizer=None)
option: List('srvrecord?', _validate_srv, attribute=True, cli_name='srv_rec', label='SRV record', multivalue=True) option: List('srvrecord?', _validate_srv, attribute=True, cli_name='srv_rec', label='SRV record', multivalue=True, normalizer=None)
option: List('sshfprecord?', attribute=True, cli_name='sshfp_rec', label='SSHFP record', multivalue=True) option: List('sshfprecord?', _validate_sshfp, attribute=True, cli_name='sshfp_rec', label='SSHFP record', multivalue=True, normalizer=None)
option: List('tarecord?', attribute=True, cli_name='ta_rec', label='TA record', multivalue=True) option: List('tarecord?', _validate_unsupported, attribute=True, cli_name='ta_rec', label='TA record', multivalue=True, normalizer=None)
option: List('tkeyrecord?', attribute=True, cli_name='tkey_rec', label='TKEY record', multivalue=True) option: List('tkeyrecord?', _validate_unsupported, attribute=True, cli_name='tkey_rec', label='TKEY record', multivalue=True, normalizer=None)
option: List('tsigrecord?', attribute=True, cli_name='tsig_rec', label='TSIG record', multivalue=True) option: List('tsigrecord?', _validate_unsupported, attribute=True, cli_name='tsig_rec', label='TSIG record', multivalue=True, normalizer=None)
option: List('txtrecord?', attribute=True, cli_name='txt_rec', label='TXT record', multivalue=True) option: List('txtrecord?', attribute=True, cli_name='txt_rec', label='TXT record', multivalue=True, normalizer=None)
output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), 'User-friendly description of action performed') output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), 'User-friendly description of action performed')
output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDAP entry', domain='ipa', localedir=None)) output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDAP entry', domain='ipa', localedir=None))
output: Output('value', <type 'unicode'>, "The primary_key value of the entry, e.g. 'jdoe' for a user") output: Output('value', <type 'unicode'>, "The primary_key value of the entry, e.g. 'jdoe' for a user")
@@ -657,40 +657,40 @@ arg: Str('idnsname', attribute=True, cli_name='name', label=Gettext('Record name
option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui', flags=['no_output']) option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui', flags=['no_output'])
option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui', flags=['no_output']) option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui', flags=['no_output'])
option: Str('version?', exclude='webui', flags=['no_option', 'no_output']) option: Str('version?', exclude='webui', flags=['no_option', 'no_output'])
option: List('arecord?', _validate_ipaddr, attribute=True, cli_name='a_rec', label='A record', multivalue=True) option: List('arecord?', _validate_ipaddr, attribute=True, cli_name='a_rec', label='A record', multivalue=True, normalizer=None)
option: List('aaaarecord?', _validate_ipaddr, attribute=True, cli_name='aaaa_rec', label='AAAA record', multivalue=True) option: List('aaaarecord?', _validate_ipaddr, attribute=True, cli_name='aaaa_rec', label='AAAA record', multivalue=True, normalizer=None)
option: List('a6record?', attribute=True, cli_name='a6_rec', label='A6 record', multivalue=True) option: List('a6record?', attribute=True, cli_name='a6_rec', label='A6 record', multivalue=True, normalizer=None)
option: List('afsdbrecord?', attribute=True, cli_name='afsdb_rec', label='AFSDB record', multivalue=True) option: List('afsdbrecord?', _validate_afsdb, attribute=True, cli_name='afsdb_rec', label='AFSDB record', multivalue=True, normalizer=None)
option: List('aplrecord?', _validate_ipnet, attribute=True, cli_name='apl_rec', label='APL record', multivalue=True) option: List('aplrecord?', _validate_unsupported, attribute=True, cli_name='apl_rec', label='APL record', multivalue=True, normalizer=None)
option: List('certrecord?', attribute=True, cli_name='cert_rec', label='CERT record', multivalue=True) option: List('certrecord?', _validate_cert, attribute=True, cli_name='cert_rec', label='CERT record', multivalue=True, normalizer=None)
option: List('cnamerecord?', attribute=True, cli_name='cname_rec', label='CNAME record', multivalue=True) option: List('cnamerecord?', _validate_cname, attribute=True, cli_name='cname_rec', label='CNAME record', multivalue=True, normalizer=_normalize_domain_name)
option: List('dhcidrecord?', attribute=True, cli_name='dhcid_rec', label='DHCID record', multivalue=True) option: List('dhcidrecord?', _validate_unsupported, attribute=True, cli_name='dhcid_rec', label='DHCID record', multivalue=True, normalizer=None)
option: List('dlvrecord?', attribute=True, cli_name='dlv_rec', label='DLV record', multivalue=True) option: List('dlvrecord?', _validate_unsupported, attribute=True, cli_name='dlv_rec', label='DLV record', multivalue=True, normalizer=None)
option: List('dnamerecord?', attribute=True, cli_name='dname_rec', label='DNAME record', multivalue=True) option: List('dnamerecord?', _validate_dname, attribute=True, cli_name='dname_rec', label='DNAME record', multivalue=True, normalizer=_normalize_domain_name)
option: List('dnskeyrecord?', attribute=True, cli_name='dnskey_rec', label='DNSKEY record', multivalue=True) option: List('dnskeyrecord?', _validate_unsupported, attribute=True, cli_name='dnskey_rec', label='DNSKEY record', multivalue=True, normalizer=None)
option: List('dsrecord?', attribute=True, cli_name='ds_rec', label='DS record', multivalue=True) option: List('dsrecord?', _validate_ds, attribute=True, cli_name='ds_rec', label='DS record', multivalue=True, normalizer=None)
option: List('hiprecord?', attribute=True, cli_name='hip_rec', label='HIP record', multivalue=True) option: List('hiprecord?', _validate_unsupported, attribute=True, cli_name='hip_rec', label='HIP record', multivalue=True, normalizer=None)
option: List('ipseckeyrecord?', attribute=True, cli_name='ipseckey_rec', label='IPSECKEY record', multivalue=True) option: List('ipseckeyrecord?', _validate_unsupported, attribute=True, cli_name='ipseckey_rec', label='IPSECKEY record', multivalue=True, normalizer=None)
option: List('keyrecord?', attribute=True, cli_name='key_rec', label='KEY record', multivalue=True) option: List('keyrecord?', _validate_key, attribute=True, cli_name='key_rec', label='KEY record', multivalue=True, normalizer=None)
option: List('kxrecord?', attribute=True, cli_name='kx_rec', label='KX record', multivalue=True) option: List('kxrecord?', _validate_kx, attribute=True, cli_name='kx_rec', label='KX record', multivalue=True, normalizer=None)
option: List('locrecord?', attribute=True, cli_name='loc_rec', label='LOC record', multivalue=True) option: List('locrecord?', _validate_loc, attribute=True, cli_name='loc_rec', label='LOC record', multivalue=True, normalizer=None)
option: List('mxrecord?', _validate_mx, attribute=True, cli_name='mx_rec', label='MX record', multivalue=True) option: List('mxrecord?', _validate_mx, attribute=True, cli_name='mx_rec', label='MX record', multivalue=True, normalizer=None)
option: List('naptrrecord?', _validate_naptr, attribute=True, cli_name='naptr_rec', label='NAPTR record', multivalue=True) option: List('naptrrecord?', _validate_naptr, attribute=True, cli_name='naptr_rec', label='NAPTR record', multivalue=True, normalizer=None)
option: List('nsrecord?', attribute=True, cli_name='ns_rec', label='NS record', multivalue=True) option: List('nsrecord?', _validate_ns, attribute=True, cli_name='ns_rec', label='NS record', multivalue=True, normalizer=_normalize_domain_name)
option: List('nsecrecord?', attribute=True, cli_name='nsec_rec', label='NSEC record', multivalue=True) option: List('nsecrecord?', _validate_nsec, attribute=True, cli_name='nsec_rec', label='NSEC record', multivalue=True, normalizer=None)
option: List('nsec3record?', attribute=True, cli_name='nsec3_rec', label='NSEC3 record', multivalue=True) option: List('nsec3record?', _validate_unsupported, attribute=True, cli_name='nsec3_rec', label='NSEC3 record', multivalue=True, normalizer=None)
option: List('nsec3paramrecord?', attribute=True, cli_name='nsec3param_rec', label='NSEC3PARAM record', multivalue=True) option: List('nsec3paramrecord?', _validate_unsupported, attribute=True, cli_name='nsec3param_rec', label='NSEC3PARAM record', multivalue=True, normalizer=None)
option: List('ptrrecord?', attribute=True, cli_name='ptr_rec', label='PTR record', multivalue=True) option: List('ptrrecord?', _validate_ptr, attribute=True, cli_name='ptr_rec', label='PTR record', multivalue=True, normalizer=_normalize_domain_name)
option: List('rrsigrecord?', attribute=True, cli_name='rrsig_rec', label='RRSIG record', multivalue=True) option: List('rrsigrecord?', _validate_sig, attribute=True, cli_name='rrsig_rec', label='RRSIG record', multivalue=True, normalizer=None)
option: List('rprecord?', attribute=True, cli_name='rp_rec', label='RP record', multivalue=True) option: List('rprecord?', _validate_unsupported, attribute=True, cli_name='rp_rec', label='RP record', multivalue=True, normalizer=None)
option: List('sigrecord?', attribute=True, cli_name='sig_rec', label='SIG record', multivalue=True) option: List('sigrecord?', _validate_sig, attribute=True, cli_name='sig_rec', label='SIG record', multivalue=True, normalizer=None)
option: List('spfrecord?', attribute=True, cli_name='spf_rec', label='SPF record', multivalue=True) option: List('spfrecord?', attribute=True, cli_name='spf_rec', label='SPF record', multivalue=True, normalizer=None)
option: List('srvrecord?', _validate_srv, attribute=True, cli_name='srv_rec', label='SRV record', multivalue=True) option: List('srvrecord?', _validate_srv, attribute=True, cli_name='srv_rec', label='SRV record', multivalue=True, normalizer=None)
option: List('sshfprecord?', attribute=True, cli_name='sshfp_rec', label='SSHFP record', multivalue=True) option: List('sshfprecord?', _validate_sshfp, attribute=True, cli_name='sshfp_rec', label='SSHFP record', multivalue=True, normalizer=None)
option: List('tarecord?', attribute=True, cli_name='ta_rec', label='TA record', multivalue=True) option: List('tarecord?', _validate_unsupported, attribute=True, cli_name='ta_rec', label='TA record', multivalue=True, normalizer=None)
option: List('tkeyrecord?', attribute=True, cli_name='tkey_rec', label='TKEY record', multivalue=True) option: List('tkeyrecord?', _validate_unsupported, attribute=True, cli_name='tkey_rec', label='TKEY record', multivalue=True, normalizer=None)
option: List('tsigrecord?', attribute=True, cli_name='tsig_rec', label='TSIG record', multivalue=True) option: List('tsigrecord?', _validate_unsupported, attribute=True, cli_name='tsig_rec', label='TSIG record', multivalue=True, normalizer=None)
option: List('txtrecord?', attribute=True, cli_name='txt_rec', label='TXT record', multivalue=True) option: List('txtrecord?', attribute=True, cli_name='txt_rec', label='TXT record', multivalue=True, normalizer=None)
output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), 'User-friendly description of action performed') output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), 'User-friendly description of action performed')
output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDAP entry', domain='ipa', localedir=None)) output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDAP entry', domain='ipa', localedir=None))
output: Output('value', <type 'unicode'>, "The primary_key value of the entry, e.g. 'jdoe' for a user") output: Output('value', <type 'unicode'>, "The primary_key value of the entry, e.g. 'jdoe' for a user")
@@ -702,40 +702,40 @@ option: Flag('del_all', autofill=True, default=False, label=Gettext('Delete all
option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui', flags=['no_output']) option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui', flags=['no_output'])
option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui', flags=['no_output']) option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui', flags=['no_output'])
option: Str('version?', exclude='webui', flags=['no_option', 'no_output']) option: Str('version?', exclude='webui', flags=['no_option', 'no_output'])
option: List('arecord?', _validate_ipaddr, attribute=True, cli_name='a_rec', label='A record', multivalue=True) option: List('arecord?', _validate_ipaddr, attribute=True, cli_name='a_rec', label='A record', multivalue=True, normalizer=None)
option: List('aaaarecord?', _validate_ipaddr, attribute=True, cli_name='aaaa_rec', label='AAAA record', multivalue=True) option: List('aaaarecord?', _validate_ipaddr, attribute=True, cli_name='aaaa_rec', label='AAAA record', multivalue=True, normalizer=None)
option: List('a6record?', attribute=True, cli_name='a6_rec', label='A6 record', multivalue=True) option: List('a6record?', attribute=True, cli_name='a6_rec', label='A6 record', multivalue=True, normalizer=None)
option: List('afsdbrecord?', attribute=True, cli_name='afsdb_rec', label='AFSDB record', multivalue=True) option: List('afsdbrecord?', _validate_afsdb, attribute=True, cli_name='afsdb_rec', label='AFSDB record', multivalue=True, normalizer=None)
option: List('aplrecord?', _validate_ipnet, attribute=True, cli_name='apl_rec', label='APL record', multivalue=True) option: List('aplrecord?', _validate_unsupported, attribute=True, cli_name='apl_rec', label='APL record', multivalue=True, normalizer=None)
option: List('certrecord?', attribute=True, cli_name='cert_rec', label='CERT record', multivalue=True) option: List('certrecord?', _validate_cert, attribute=True, cli_name='cert_rec', label='CERT record', multivalue=True, normalizer=None)
option: List('cnamerecord?', attribute=True, cli_name='cname_rec', label='CNAME record', multivalue=True) option: List('cnamerecord?', _validate_cname, attribute=True, cli_name='cname_rec', label='CNAME record', multivalue=True, normalizer=_normalize_domain_name)
option: List('dhcidrecord?', attribute=True, cli_name='dhcid_rec', label='DHCID record', multivalue=True) option: List('dhcidrecord?', _validate_unsupported, attribute=True, cli_name='dhcid_rec', label='DHCID record', multivalue=True, normalizer=None)
option: List('dlvrecord?', attribute=True, cli_name='dlv_rec', label='DLV record', multivalue=True) option: List('dlvrecord?', _validate_unsupported, attribute=True, cli_name='dlv_rec', label='DLV record', multivalue=True, normalizer=None)
option: List('dnamerecord?', attribute=True, cli_name='dname_rec', label='DNAME record', multivalue=True) option: List('dnamerecord?', _validate_dname, attribute=True, cli_name='dname_rec', label='DNAME record', multivalue=True, normalizer=_normalize_domain_name)
option: List('dnskeyrecord?', attribute=True, cli_name='dnskey_rec', label='DNSKEY record', multivalue=True) option: List('dnskeyrecord?', _validate_unsupported, attribute=True, cli_name='dnskey_rec', label='DNSKEY record', multivalue=True, normalizer=None)
option: List('dsrecord?', attribute=True, cli_name='ds_rec', label='DS record', multivalue=True) option: List('dsrecord?', _validate_ds, attribute=True, cli_name='ds_rec', label='DS record', multivalue=True, normalizer=None)
option: List('hiprecord?', attribute=True, cli_name='hip_rec', label='HIP record', multivalue=True) option: List('hiprecord?', _validate_unsupported, attribute=True, cli_name='hip_rec', label='HIP record', multivalue=True, normalizer=None)
option: List('ipseckeyrecord?', attribute=True, cli_name='ipseckey_rec', label='IPSECKEY record', multivalue=True) option: List('ipseckeyrecord?', _validate_unsupported, attribute=True, cli_name='ipseckey_rec', label='IPSECKEY record', multivalue=True, normalizer=None)
option: List('keyrecord?', attribute=True, cli_name='key_rec', label='KEY record', multivalue=True) option: List('keyrecord?', _validate_key, attribute=True, cli_name='key_rec', label='KEY record', multivalue=True, normalizer=None)
option: List('kxrecord?', attribute=True, cli_name='kx_rec', label='KX record', multivalue=True) option: List('kxrecord?', _validate_kx, attribute=True, cli_name='kx_rec', label='KX record', multivalue=True, normalizer=None)
option: List('locrecord?', attribute=True, cli_name='loc_rec', label='LOC record', multivalue=True) option: List('locrecord?', _validate_loc, attribute=True, cli_name='loc_rec', label='LOC record', multivalue=True, normalizer=None)
option: List('mxrecord?', _validate_mx, attribute=True, cli_name='mx_rec', label='MX record', multivalue=True) option: List('mxrecord?', _validate_mx, attribute=True, cli_name='mx_rec', label='MX record', multivalue=True, normalizer=None)
option: List('naptrrecord?', _validate_naptr, attribute=True, cli_name='naptr_rec', label='NAPTR record', multivalue=True) option: List('naptrrecord?', _validate_naptr, attribute=True, cli_name='naptr_rec', label='NAPTR record', multivalue=True, normalizer=None)
option: List('nsrecord?', attribute=True, cli_name='ns_rec', label='NS record', multivalue=True) option: List('nsrecord?', _validate_ns, attribute=True, cli_name='ns_rec', label='NS record', multivalue=True, normalizer=_normalize_domain_name)
option: List('nsecrecord?', attribute=True, cli_name='nsec_rec', label='NSEC record', multivalue=True) option: List('nsecrecord?', _validate_nsec, attribute=True, cli_name='nsec_rec', label='NSEC record', multivalue=True, normalizer=None)
option: List('nsec3record?', attribute=True, cli_name='nsec3_rec', label='NSEC3 record', multivalue=True) option: List('nsec3record?', _validate_unsupported, attribute=True, cli_name='nsec3_rec', label='NSEC3 record', multivalue=True, normalizer=None)
option: List('nsec3paramrecord?', attribute=True, cli_name='nsec3param_rec', label='NSEC3PARAM record', multivalue=True) option: List('nsec3paramrecord?', _validate_unsupported, attribute=True, cli_name='nsec3param_rec', label='NSEC3PARAM record', multivalue=True, normalizer=None)
option: List('ptrrecord?', attribute=True, cli_name='ptr_rec', label='PTR record', multivalue=True) option: List('ptrrecord?', _validate_ptr, attribute=True, cli_name='ptr_rec', label='PTR record', multivalue=True, normalizer=_normalize_domain_name)
option: List('rrsigrecord?', attribute=True, cli_name='rrsig_rec', label='RRSIG record', multivalue=True) option: List('rrsigrecord?', _validate_sig, attribute=True, cli_name='rrsig_rec', label='RRSIG record', multivalue=True, normalizer=None)
option: List('rprecord?', attribute=True, cli_name='rp_rec', label='RP record', multivalue=True) option: List('rprecord?', _validate_unsupported, attribute=True, cli_name='rp_rec', label='RP record', multivalue=True, normalizer=None)
option: List('sigrecord?', attribute=True, cli_name='sig_rec', label='SIG record', multivalue=True) option: List('sigrecord?', _validate_sig, attribute=True, cli_name='sig_rec', label='SIG record', multivalue=True, normalizer=None)
option: List('spfrecord?', attribute=True, cli_name='spf_rec', label='SPF record', multivalue=True) option: List('spfrecord?', attribute=True, cli_name='spf_rec', label='SPF record', multivalue=True, normalizer=None)
option: List('srvrecord?', _validate_srv, attribute=True, cli_name='srv_rec', label='SRV record', multivalue=True) option: List('srvrecord?', _validate_srv, attribute=True, cli_name='srv_rec', label='SRV record', multivalue=True, normalizer=None)
option: List('sshfprecord?', attribute=True, cli_name='sshfp_rec', label='SSHFP record', multivalue=True) option: List('sshfprecord?', _validate_sshfp, attribute=True, cli_name='sshfp_rec', label='SSHFP record', multivalue=True, normalizer=None)
option: List('tarecord?', attribute=True, cli_name='ta_rec', label='TA record', multivalue=True) option: List('tarecord?', _validate_unsupported, attribute=True, cli_name='ta_rec', label='TA record', multivalue=True, normalizer=None)
option: List('tkeyrecord?', attribute=True, cli_name='tkey_rec', label='TKEY record', multivalue=True) option: List('tkeyrecord?', _validate_unsupported, attribute=True, cli_name='tkey_rec', label='TKEY record', multivalue=True, normalizer=None)
option: List('tsigrecord?', attribute=True, cli_name='tsig_rec', label='TSIG record', multivalue=True) option: List('tsigrecord?', _validate_unsupported, attribute=True, cli_name='tsig_rec', label='TSIG record', multivalue=True, normalizer=None)
option: List('txtrecord?', attribute=True, cli_name='txt_rec', label='TXT record', multivalue=True) option: List('txtrecord?', attribute=True, cli_name='txt_rec', label='TXT record', multivalue=True, normalizer=None)
output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), 'User-friendly description of action performed') output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), 'User-friendly description of action performed')
output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDAP entry', domain='ipa', localedir=None)) output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDAP entry', domain='ipa', localedir=None))
output: Output('value', <type 'unicode'>, "The primary_key value of the entry, e.g. 'jdoe' for a user") output: Output('value', <type 'unicode'>, "The primary_key value of the entry, e.g. 'jdoe' for a user")
@@ -760,40 +760,40 @@ option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui
option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui', flags=['no_output']) option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui', flags=['no_output'])
option: Str('version?', exclude='webui', flags=['no_option', 'no_output']) option: Str('version?', exclude='webui', flags=['no_option', 'no_output'])
option: Flag('pkey_only?', autofill=True, default=False', label=Gettext('Primary key only', domain='ipa', localedir=None)) option: Flag('pkey_only?', autofill=True, default=False', label=Gettext('Primary key only', domain='ipa', localedir=None))
option: List('arecord', _validate_ipaddr, attribute=True, cli_name='a_rec', label='A record', multivalue=True, query=True, required=False) option: List('arecord', _validate_ipaddr, attribute=True, cli_name='a_rec', label='A record', multivalue=True, normalizer=None, query=True, required=False)
option: List('aaaarecord', _validate_ipaddr, attribute=True, cli_name='aaaa_rec', label='AAAA record', multivalue=True, query=True, required=False) option: List('aaaarecord', _validate_ipaddr, attribute=True, cli_name='aaaa_rec', label='AAAA record', multivalue=True, normalizer=None, query=True, required=False)
option: List('a6record', attribute=True, cli_name='a6_rec', label='A6 record', multivalue=True, query=True, required=False) option: List('a6record', attribute=True, cli_name='a6_rec', label='A6 record', multivalue=True, normalizer=None, query=True, required=False)
option: List('afsdbrecord', attribute=True, cli_name='afsdb_rec', label='AFSDB record', multivalue=True, query=True, required=False) option: List('afsdbrecord', _validate_afsdb, attribute=True, cli_name='afsdb_rec', label='AFSDB record', multivalue=True, normalizer=None, query=True, required=False)
option: List('aplrecord', _validate_ipnet, attribute=True, cli_name='apl_rec', label='APL record', multivalue=True, query=True, required=False) option: List('aplrecord', _validate_unsupported, attribute=True, cli_name='apl_rec', label='APL record', multivalue=True, normalizer=None, query=True, required=False)
option: List('certrecord', attribute=True, cli_name='cert_rec', label='CERT record', multivalue=True, query=True, required=False) option: List('certrecord', _validate_cert, attribute=True, cli_name='cert_rec', label='CERT record', multivalue=True, normalizer=None, query=True, required=False)
option: List('cnamerecord', attribute=True, cli_name='cname_rec', label='CNAME record', multivalue=True, query=True, required=False) option: List('cnamerecord', _validate_cname, attribute=True, cli_name='cname_rec', label='CNAME record', multivalue=True, normalizer=_normalize_domain_name, query=True, required=False)
option: List('dhcidrecord', attribute=True, cli_name='dhcid_rec', label='DHCID record', multivalue=True, query=True, required=False) option: List('dhcidrecord', _validate_unsupported, attribute=True, cli_name='dhcid_rec', label='DHCID record', multivalue=True, normalizer=None, query=True, required=False)
option: List('dlvrecord', attribute=True, cli_name='dlv_rec', label='DLV record', multivalue=True, query=True, required=False) option: List('dlvrecord', _validate_unsupported, attribute=True, cli_name='dlv_rec', label='DLV record', multivalue=True, normalizer=None, query=True, required=False)
option: List('dnamerecord', attribute=True, cli_name='dname_rec', label='DNAME record', multivalue=True, query=True, required=False) option: List('dnamerecord', _validate_dname, attribute=True, cli_name='dname_rec', label='DNAME record', multivalue=True, normalizer=_normalize_domain_name, query=True, required=False)
option: List('dnskeyrecord', attribute=True, cli_name='dnskey_rec', label='DNSKEY record', multivalue=True, query=True, required=False) option: List('dnskeyrecord', _validate_unsupported, attribute=True, cli_name='dnskey_rec', label='DNSKEY record', multivalue=True, normalizer=None, query=True, required=False)
option: List('dsrecord', attribute=True, cli_name='ds_rec', label='DS record', multivalue=True, query=True, required=False) option: List('dsrecord', _validate_ds, attribute=True, cli_name='ds_rec', label='DS record', multivalue=True, normalizer=None, query=True, required=False)
option: List('hiprecord', attribute=True, cli_name='hip_rec', label='HIP record', multivalue=True, query=True, required=False) option: List('hiprecord', _validate_unsupported, attribute=True, cli_name='hip_rec', label='HIP record', multivalue=True, normalizer=None, query=True, required=False)
option: List('ipseckeyrecord', attribute=True, cli_name='ipseckey_rec', label='IPSECKEY record', multivalue=True, query=True, required=False) option: List('ipseckeyrecord', _validate_unsupported, attribute=True, cli_name='ipseckey_rec', label='IPSECKEY record', multivalue=True, normalizer=None, query=True, required=False)
option: List('keyrecord', attribute=True, cli_name='key_rec', label='KEY record', multivalue=True, query=True, required=False) option: List('keyrecord', _validate_key, attribute=True, cli_name='key_rec', label='KEY record', multivalue=True, normalizer=None, query=True, required=False)
option: List('kxrecord', attribute=True, cli_name='kx_rec', label='KX record', multivalue=True, query=True, required=False) option: List('kxrecord', _validate_kx, attribute=True, cli_name='kx_rec', label='KX record', multivalue=True, normalizer=None, query=True, required=False)
option: List('locrecord', attribute=True, cli_name='loc_rec', label='LOC record', multivalue=True, query=True, required=False) option: List('locrecord', _validate_loc, attribute=True, cli_name='loc_rec', label='LOC record', multivalue=True, normalizer=None, query=True, required=False)
option: List('mxrecord', _validate_mx, attribute=True, cli_name='mx_rec', label='MX record', multivalue=True, query=True, required=False) option: List('mxrecord', _validate_mx, attribute=True, cli_name='mx_rec', label='MX record', multivalue=True, normalizer=None, query=True, required=False)
option: List('naptrrecord', _validate_naptr, attribute=True, cli_name='naptr_rec', label='NAPTR record', multivalue=True, query=True, required=False) option: List('naptrrecord', _validate_naptr, attribute=True, cli_name='naptr_rec', label='NAPTR record', multivalue=True, normalizer=None, query=True, required=False)
option: List('nsrecord', attribute=True, cli_name='ns_rec', label='NS record', multivalue=True, query=True, required=False) option: List('nsrecord', _validate_ns, attribute=True, cli_name='ns_rec', label='NS record', multivalue=True, normalizer=_normalize_domain_name, query=True, required=False)
option: List('nsecrecord', attribute=True, cli_name='nsec_rec', label='NSEC record', multivalue=True, query=True, required=False) option: List('nsecrecord', _validate_nsec, attribute=True, cli_name='nsec_rec', label='NSEC record', multivalue=True, normalizer=None, query=True, required=False)
option: List('nsec3record', attribute=True, cli_name='nsec3_rec', label='NSEC3 record', multivalue=True, query=True, required=False) option: List('nsec3record', _validate_unsupported, attribute=True, cli_name='nsec3_rec', label='NSEC3 record', multivalue=True, normalizer=None, query=True, required=False)
option: List('nsec3paramrecord', attribute=True, cli_name='nsec3param_rec', label='NSEC3PARAM record', multivalue=True, query=True, required=False) option: List('nsec3paramrecord', _validate_unsupported, attribute=True, cli_name='nsec3param_rec', label='NSEC3PARAM record', multivalue=True, normalizer=None, query=True, required=False)
option: List('ptrrecord', attribute=True, cli_name='ptr_rec', label='PTR record', multivalue=True, query=True, required=False) option: List('ptrrecord', _validate_ptr, attribute=True, cli_name='ptr_rec', label='PTR record', multivalue=True, normalizer=_normalize_domain_name, query=True, required=False)
option: List('rrsigrecord', attribute=True, cli_name='rrsig_rec', label='RRSIG record', multivalue=True, query=True, required=False) option: List('rrsigrecord', _validate_sig, attribute=True, cli_name='rrsig_rec', label='RRSIG record', multivalue=True, normalizer=None, query=True, required=False)
option: List('rprecord', attribute=True, cli_name='rp_rec', label='RP record', multivalue=True, query=True, required=False) option: List('rprecord', _validate_unsupported, attribute=True, cli_name='rp_rec', label='RP record', multivalue=True, normalizer=None, query=True, required=False)
option: List('sigrecord', attribute=True, cli_name='sig_rec', label='SIG record', multivalue=True, query=True, required=False) option: List('sigrecord', _validate_sig, attribute=True, cli_name='sig_rec', label='SIG record', multivalue=True, normalizer=None, query=True, required=False)
option: List('spfrecord', attribute=True, cli_name='spf_rec', label='SPF record', multivalue=True, query=True, required=False) option: List('spfrecord', attribute=True, cli_name='spf_rec', label='SPF record', multivalue=True, normalizer=None, query=True, required=False)
option: List('srvrecord', _validate_srv, attribute=True, cli_name='srv_rec', label='SRV record', multivalue=True, query=True, required=False) option: List('srvrecord', _validate_srv, attribute=True, cli_name='srv_rec', label='SRV record', multivalue=True, normalizer=None, query=True, required=False)
option: List('sshfprecord', attribute=True, cli_name='sshfp_rec', label='SSHFP record', multivalue=True, query=True, required=False) option: List('sshfprecord', _validate_sshfp, attribute=True, cli_name='sshfp_rec', label='SSHFP record', multivalue=True, normalizer=None, query=True, required=False)
option: List('tarecord', attribute=True, cli_name='ta_rec', label='TA record', multivalue=True, query=True, required=False) option: List('tarecord', _validate_unsupported, attribute=True, cli_name='ta_rec', label='TA record', multivalue=True, normalizer=None, query=True, required=False)
option: List('tkeyrecord', attribute=True, cli_name='tkey_rec', label='TKEY record', multivalue=True, query=True, required=False) option: List('tkeyrecord', _validate_unsupported, attribute=True, cli_name='tkey_rec', label='TKEY record', multivalue=True, normalizer=None, query=True, required=False)
option: List('tsigrecord', attribute=True, cli_name='tsig_rec', label='TSIG record', multivalue=True, query=True, required=False) option: List('tsigrecord', _validate_unsupported, attribute=True, cli_name='tsig_rec', label='TSIG record', multivalue=True, normalizer=None, query=True, required=False)
option: List('txtrecord', attribute=True, cli_name='txt_rec', label='TXT record', multivalue=True, query=True, required=False) option: List('txtrecord', attribute=True, cli_name='txt_rec', label='TXT record', multivalue=True, normalizer=None, query=True, required=False)
output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), 'User-friendly description of action performed') output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), 'User-friendly description of action performed')
output: ListOfEntries('result', (<type 'list'>, <type 'tuple'>), Gettext('A list of LDAP entries', domain='ipa', localedir=None)) output: ListOfEntries('result', (<type 'list'>, <type 'tuple'>), Gettext('A list of LDAP entries', domain='ipa', localedir=None))
output: Output('count', <type 'int'>, 'Number of entries returned') output: Output('count', <type 'int'>, 'Number of entries returned')
@@ -805,40 +805,40 @@ arg: Str('idnsname', attribute=True, cli_name='name', label=Gettext('Record name
option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui', flags=['no_output']) option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui', flags=['no_output'])
option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui', flags=['no_output']) option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui', flags=['no_output'])
option: Str('version?', exclude='webui', flags=['no_option', 'no_output']) option: Str('version?', exclude='webui', flags=['no_option', 'no_output'])
option: List('arecord?', _validate_ipaddr, attribute=True, cli_name='a_rec', label='A record', multivalue=True) option: List('arecord?', _validate_ipaddr, attribute=True, cli_name='a_rec', label='A record', multivalue=True, normalizer=None)
option: List('aaaarecord?', _validate_ipaddr, attribute=True, cli_name='aaaa_rec', label='AAAA record', multivalue=True) option: List('aaaarecord?', _validate_ipaddr, attribute=True, cli_name='aaaa_rec', label='AAAA record', multivalue=True, normalizer=None)
option: List('a6record?', attribute=True, cli_name='a6_rec', label='A6 record', multivalue=True) option: List('a6record?', attribute=True, cli_name='a6_rec', label='A6 record', multivalue=True, normalizer=None)
option: List('afsdbrecord?', attribute=True, cli_name='afsdb_rec', label='AFSDB record', multivalue=True) option: List('afsdbrecord?', _validate_afsdb, attribute=True, cli_name='afsdb_rec', label='AFSDB record', multivalue=True, normalizer=None)
option: List('aplrecord?', _validate_ipnet, attribute=True, cli_name='apl_rec', label='APL record', multivalue=True) option: List('aplrecord?', _validate_unsupported, attribute=True, cli_name='apl_rec', label='APL record', multivalue=True, normalizer=None)
option: List('certrecord?', attribute=True, cli_name='cert_rec', label='CERT record', multivalue=True) option: List('certrecord?', _validate_cert, attribute=True, cli_name='cert_rec', label='CERT record', multivalue=True, normalizer=None)
option: List('cnamerecord?', attribute=True, cli_name='cname_rec', label='CNAME record', multivalue=True) option: List('cnamerecord?', _validate_cname, attribute=True, cli_name='cname_rec', label='CNAME record', multivalue=True, normalizer=_normalize_domain_name)
option: List('dhcidrecord?', attribute=True, cli_name='dhcid_rec', label='DHCID record', multivalue=True) option: List('dhcidrecord?', _validate_unsupported, attribute=True, cli_name='dhcid_rec', label='DHCID record', multivalue=True, normalizer=None)
option: List('dlvrecord?', attribute=True, cli_name='dlv_rec', label='DLV record', multivalue=True) option: List('dlvrecord?', _validate_unsupported, attribute=True, cli_name='dlv_rec', label='DLV record', multivalue=True, normalizer=None)
option: List('dnamerecord?', attribute=True, cli_name='dname_rec', label='DNAME record', multivalue=True) option: List('dnamerecord?', _validate_dname, attribute=True, cli_name='dname_rec', label='DNAME record', multivalue=True, normalizer=_normalize_domain_name)
option: List('dnskeyrecord?', attribute=True, cli_name='dnskey_rec', label='DNSKEY record', multivalue=True) option: List('dnskeyrecord?', _validate_unsupported, attribute=True, cli_name='dnskey_rec', label='DNSKEY record', multivalue=True, normalizer=None)
option: List('dsrecord?', attribute=True, cli_name='ds_rec', label='DS record', multivalue=True) option: List('dsrecord?', _validate_ds, attribute=True, cli_name='ds_rec', label='DS record', multivalue=True, normalizer=None)
option: List('hiprecord?', attribute=True, cli_name='hip_rec', label='HIP record', multivalue=True) option: List('hiprecord?', _validate_unsupported, attribute=True, cli_name='hip_rec', label='HIP record', multivalue=True, normalizer=None)
option: List('ipseckeyrecord?', attribute=True, cli_name='ipseckey_rec', label='IPSECKEY record', multivalue=True) option: List('ipseckeyrecord?', _validate_unsupported, attribute=True, cli_name='ipseckey_rec', label='IPSECKEY record', multivalue=True, normalizer=None)
option: List('keyrecord?', attribute=True, cli_name='key_rec', label='KEY record', multivalue=True) option: List('keyrecord?', _validate_key, attribute=True, cli_name='key_rec', label='KEY record', multivalue=True, normalizer=None)
option: List('kxrecord?', attribute=True, cli_name='kx_rec', label='KX record', multivalue=True) option: List('kxrecord?', _validate_kx, attribute=True, cli_name='kx_rec', label='KX record', multivalue=True, normalizer=None)
option: List('locrecord?', attribute=True, cli_name='loc_rec', label='LOC record', multivalue=True) option: List('locrecord?', _validate_loc, attribute=True, cli_name='loc_rec', label='LOC record', multivalue=True, normalizer=None)
option: List('mxrecord?', _validate_mx, attribute=True, cli_name='mx_rec', label='MX record', multivalue=True) option: List('mxrecord?', _validate_mx, attribute=True, cli_name='mx_rec', label='MX record', multivalue=True, normalizer=None)
option: List('naptrrecord?', _validate_naptr, attribute=True, cli_name='naptr_rec', label='NAPTR record', multivalue=True) option: List('naptrrecord?', _validate_naptr, attribute=True, cli_name='naptr_rec', label='NAPTR record', multivalue=True, normalizer=None)
option: List('nsrecord?', attribute=True, cli_name='ns_rec', label='NS record', multivalue=True) option: List('nsrecord?', _validate_ns, attribute=True, cli_name='ns_rec', label='NS record', multivalue=True, normalizer=_normalize_domain_name)
option: List('nsecrecord?', attribute=True, cli_name='nsec_rec', label='NSEC record', multivalue=True) option: List('nsecrecord?', _validate_nsec, attribute=True, cli_name='nsec_rec', label='NSEC record', multivalue=True, normalizer=None)
option: List('nsec3record?', attribute=True, cli_name='nsec3_rec', label='NSEC3 record', multivalue=True) option: List('nsec3record?', _validate_unsupported, attribute=True, cli_name='nsec3_rec', label='NSEC3 record', multivalue=True, normalizer=None)
option: List('nsec3paramrecord?', attribute=True, cli_name='nsec3param_rec', label='NSEC3PARAM record', multivalue=True) option: List('nsec3paramrecord?', _validate_unsupported, attribute=True, cli_name='nsec3param_rec', label='NSEC3PARAM record', multivalue=True, normalizer=None)
option: List('ptrrecord?', attribute=True, cli_name='ptr_rec', label='PTR record', multivalue=True) option: List('ptrrecord?', _validate_ptr, attribute=True, cli_name='ptr_rec', label='PTR record', multivalue=True, normalizer=_normalize_domain_name)
option: List('rrsigrecord?', attribute=True, cli_name='rrsig_rec', label='RRSIG record', multivalue=True) option: List('rrsigrecord?', _validate_sig, attribute=True, cli_name='rrsig_rec', label='RRSIG record', multivalue=True, normalizer=None)
option: List('rprecord?', attribute=True, cli_name='rp_rec', label='RP record', multivalue=True) option: List('rprecord?', _validate_unsupported, attribute=True, cli_name='rp_rec', label='RP record', multivalue=True, normalizer=None)
option: List('sigrecord?', attribute=True, cli_name='sig_rec', label='SIG record', multivalue=True) option: List('sigrecord?', _validate_sig, attribute=True, cli_name='sig_rec', label='SIG record', multivalue=True, normalizer=None)
option: List('spfrecord?', attribute=True, cli_name='spf_rec', label='SPF record', multivalue=True) option: List('spfrecord?', attribute=True, cli_name='spf_rec', label='SPF record', multivalue=True, normalizer=None)
option: List('srvrecord?', _validate_srv, attribute=True, cli_name='srv_rec', label='SRV record', multivalue=True) option: List('srvrecord?', _validate_srv, attribute=True, cli_name='srv_rec', label='SRV record', multivalue=True, normalizer=None)
option: List('sshfprecord?', attribute=True, cli_name='sshfp_rec', label='SSHFP record', multivalue=True) option: List('sshfprecord?', _validate_sshfp, attribute=True, cli_name='sshfp_rec', label='SSHFP record', multivalue=True, normalizer=None)
option: List('tarecord?', attribute=True, cli_name='ta_rec', label='TA record', multivalue=True) option: List('tarecord?', _validate_unsupported, attribute=True, cli_name='ta_rec', label='TA record', multivalue=True, normalizer=None)
option: List('tkeyrecord?', attribute=True, cli_name='tkey_rec', label='TKEY record', multivalue=True) option: List('tkeyrecord?', _validate_unsupported, attribute=True, cli_name='tkey_rec', label='TKEY record', multivalue=True, normalizer=None)
option: List('tsigrecord?', attribute=True, cli_name='tsig_rec', label='TSIG record', multivalue=True) option: List('tsigrecord?', _validate_unsupported, attribute=True, cli_name='tsig_rec', label='TSIG record', multivalue=True, normalizer=None)
option: List('txtrecord?', attribute=True, cli_name='txt_rec', label='TXT record', multivalue=True) option: List('txtrecord?', attribute=True, cli_name='txt_rec', label='TXT record', multivalue=True, normalizer=None)
output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), 'User-friendly description of action performed') output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), 'User-friendly description of action performed')
output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDAP entry', domain='ipa', localedir=None)) output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDAP entry', domain='ipa', localedir=None))
output: Output('value', <type 'unicode'>, "The primary_key value of the entry, e.g. 'jdoe' for a user") output: Output('value', <type 'unicode'>, "The primary_key value of the entry, e.g. 'jdoe' for a user")

380
ipalib/plugins/dns.py
View File

@@ -20,13 +20,14 @@
import netaddr import netaddr
import time import time
import re
from ipalib import api, errors, output from ipalib import api, errors, output
from ipalib import Command from ipalib import Command
from ipalib import Flag, Bool, Int, List, Str, StrEnum from ipalib import Flag, Bool, Int, List, Str, StrEnum
from ipalib.plugins.baseldap import * from ipalib.plugins.baseldap import *
from ipalib import _, ngettext from ipalib import _, ngettext
from ipalib.util import validate_zonemgr from ipalib.util import validate_zonemgr, validate_hostname
from ipapython import dnsclient from ipapython import dnsclient
from ipapython.ipautil import valid_ip from ipapython.ipautil import valid_ip
from ldap import explode_dn from ldap import explode_dn
@@ -59,6 +60,9 @@ EXAMPLES:
Delete previously added nameserver from example.com: Delete previously added nameserver from example.com:
ipa dnsrecord-del example.com @ --ns-rec nameserver2.example.com ipa dnsrecord-del example.com @ --ns-rec nameserver2.example.com
Add LOC record for example.com:
ipa dnsrecord-add example.com @ --loc-rec "49 11 42.4 N 16 36 29.6 E 227.64m"
Add new A record for www.example.com: (random IP) Add new A record for www.example.com: (random IP)
ipa dnsrecord-add example.com www --a-rec 80.142.15.2 ipa dnsrecord-add example.com www --a-rec 80.142.15.2
@@ -173,79 +177,412 @@ def _validate_ipaddr(ugettext, ipaddr):
try: try:
ip = netaddr.IPAddress(ipaddr) ip = netaddr.IPAddress(ipaddr)
except (netaddr.AddrFormatError, ValueError): except (netaddr.AddrFormatError, ValueError):
return u'invalid address format' return _('invalid IP address format')
return None return None
def _validate_ipnet(ugettext, ipnet): def _validate_ipnet(ugettext, ipnet):
try: try:
net = netaddr.IPNetwork(ipnet) net = netaddr.IPNetwork(ipnet)
except (netaddr.AddrFormatError, ValueError, UnboundLocalError): except (netaddr.AddrFormatError, ValueError, UnboundLocalError):
return u'invalid format' return _('invalid IP network format')
return None return None
def _validate_srv(ugettext, srv): def _validate_srv(ugettext, srv):
"""see RFC 2782"""
try: try:
prio, weight, port, host = srv.split() prio, weight, port, host = srv.split()
except ValueError: except ValueError:
return u'format must be specified as "priority weight port target"' return _('format must be specified as "priority weight port target"')
try: try:
prio = int(prio) prio = int(prio)
weight = int(weight) weight = int(weight)
port = int(port) port = int(port)
except ValueError: except ValueError:
return u'the values of priority, weight and port must be integers' return _('format must be specified as "priority weight port target" '\
'(see RFC 2782 for details)')
return None return None
def _validate_mx(ugettext, mx): def _validate_mx(ugettext, mx):
"""see RFC 1035"""
try: try:
prio, host = mx.split() prio, host = mx.split()
except ValueError: except ValueError:
return u'format must be specified as "priority mailserver"' return _('format must be specified as "priority mailserver" '\
'(see RFC 1035 for details)')
try: try:
prio = int(prio) prio = int(prio)
except ValueError: except ValueError:
return u'the value of priority must be integer' return _('the value of priority must be integer')
if prio < 0 or prio > 65535: if prio < 0 or prio > 65535:
return u'the value of priority must be between 0 and 65535' return _('the value of priority must be between 0 and 65535')
return None return None
def _validate_naptr(ugettext, naptr): def _validate_naptr(ugettext, naptr):
"see RFC 2915 " """see RFC 2915"""
try: try:
order, pref, flags, svc, regexp, replacement = naptr.split() order, pref, flags, svc, regexp, replacement = naptr.split()
except ValueError: except ValueError:
return u'format must be specified as "order preference flags service regexp replacement"' return _('format must be specified as "order preference flags service '\
'regexp replacement" (see RFC 2915 for details)')
try: try:
order = int(order) order = int(order)
pref = int(pref) pref = int(pref)
except ValueError: except ValueError:
return u'order and preference must be integers' return _('order and preference must be integers')
if order < 0 or order > 65535 or pref < 0 or pref > 65535: if order < 0 or order > 65535 or pref < 0 or pref > 65535:
return u'the value of order and preference must be between 0 and 65535' return _('the value of order and preference must be between 0 and 65535')
flags = flags.replace('"','') flags = flags.replace('"','')
flags = flags.replace('\'','') flags = flags.replace('\'','')
if len(flags) != 1: if len(flags) != 1:
return u'flag must be a single character (quotation is allowed)' return _('flag must be a single character (quotation is allowed)')
if flags.upper() not in "SAUP": if flags.upper() not in "SAUP":
return u'flag must be one of "S", "A", "U", or "P"' return _('flag must be one of "S", "A", "U", or "P"')
return None return None
def _validate_afsdb(ugettext, afsdb):
"""see RFC 1183"""
try:
sub, host = afsdb.split()
except ValueError:
return _('format must be specified as "subtype hostname" (see RFC 1183 for details)')
try:
sub = int(sub)
except ValueError:
return _('the value of subtype must be integer')
if sub < 0 or sub > 65535:
return _('the value of subtype must be between 0 and 65535')
return None
def _validate_cert(ugettext, cert):
"""see RFC 4398"""
try:
cert_type, key_tag, algorithm, certificate = cert.split()
except ValueError:
return _('format must be specified as "type key_tag algorithm certificate_or_crl" '\
'(see RFC 4398 for details)')
try:
cert_type = int(cert_type)
key_tag = int(key_tag)
algorithm = int(algorithm)
except ValueError:
return _('key_tag, algorithm and digest_type must be integers')
if cert_type < 0 or cert_type > 65535 or key_tag < 0 or key_tag > 65535:
return _('the value of type and key_tag must be between 0 and 65535')
if algorithm < 0 or algorithm > 255:
return _('the value of algorithm must be between 0 and 255')
return None
def _validate_cname(ugettext, cname):
"""see RFC 1035"""
try:
validate_hostname(cname)
except ValueError, e:
return _('format must be specified as "domain_name" (see RFC 1035 for details): %s') \
% unicode(e)
return None
def _validate_dname(ugettext, dname):
"""see RFC 2672"""
try:
validate_hostname(dname)
except ValueError, e:
return _('format must be specified as "target" (see RFC 2672 for details): %s') \
% unicode(e)
return None
def _validate_ds(ugettext, ds):
"""see RFC 4034"""
try:
key_tag, algorithm, digest_type, digest = ds.split()
except ValueError:
return _('format must be specified as "key_tag algorithm digest_type digest" '\
'(see RFC 4034 for details)')
try:
key_tag = int(key_tag)
algorithm = int(algorithm)
digest_type = int(digest_type)
except ValueError:
return _('key_tag, algorithm and digest_type must be integers')
if key_tag < 0 or key_tag > 65535:
return _('the value of flags must be between 0 and 65535')
if algorithm < 0 or algorithm > 255 or digest_type < 0 or digest_type > 255:
return _('the value of algorithm and digest_type must be between 0 and 255')
return None
def _validate_key(ugettext, key):
"""see RFC 2535"""
try:
flags, protocol, algorithm, digest = key.split()
except ValueError:
return _('format must be specified as "flags protocol algorithm public_key" '\
'(see RFC 2535 for details)')
try:
flags = int(flags)
protocol = int(protocol)
algorithm = int(algorithm)
except ValueError:
return _('flags, protocol and algorithm must be integers')
if flags < 0 or flags > 65535:
return _('the value of flags must be between 0 and 65535')
if protocol < 0 or protocol > 255:
return _('the value of protocol must be between 0 and 255')
if algorithm < 0 or algorithm > 255:
return _('the value of algorithm must be between 0 and 255')
return None
def _validate_loc(ugettext, loc):
"""see RFC 1876"""
regex = re.compile(\
r'(?P<d1>\d{1,2}\s+)(?P<m1>\d{1,2}\s+)?(?P<s1>\d{1,2}\.?\d{1,3}?\s+)'\
r'?[N|S]\s+'\
r'(?P<d2>\d{1,2}\s+)(?P<m2>\d{1,2}\s+)?(?P<s2>\d{1,2}\.?\d{1,3}?\s+)'\
r'?[W|E]\s+'\
r'(?P<alt>-?\d{1,8}\.?\d{1,2}?)m?\s*'\
r'(?P<siz>\d{1,8}\.?\d{1,2}?)?m?\s*'\
r'(?P<hp>\d{1,8}\.?\d{1,2}?)?m?\s*(?P<vp>\d{1,8}\.?\d{1,2}?)?m?\s*$')
m = regex.match(loc)
if m is None:
return _("""format must be specified as
"d1 [m1 [s1]] {"N"|"S"} d2 [m2 [s2]] {"E"|"W"} alt["m"] [siz["m"] [hp["m"] [vp["m"]]]]"
where:
d1: [0 .. 90] (degrees latitude)
d2: [0 .. 180] (degrees longitude)
m1, m2: [0 .. 59] (minutes latitude/longitude)
s1, s2: [0 .. 59.999] (seconds latitude/longitude)
alt: [-100000.00 .. 42849672.95] BY .01 (altitude in meters)
siz, hp, vp: [0 .. 90000000.00] (size/precision in meters)
See RFC 1876 for details""")
attrs = {}
for attr in ('d1', 'd2', 'm1', 'm2'):
if m.group(attr) is not None:
try:
attrs[attr] = int(m.group(attr))
except ValueError:
return _('%s must be integer') % attr
for attr in ('s1', 's2', 'alt', 'siz', 'hp', 'vp'):
if m.group(attr) is not None:
try:
attrs[attr] = float(m.group(attr))
except ValueError:
return _('%s must be float') % attr
if attrs.get('d1', 0) > 90 or attrs.get('d2', 0) > 90:
return _(u'd1 and d2 must be between 0 and 90')
if attrs.get('m1', 0) >= 60 or attrs.get('m2', 0) >= 60 or \
attrs.get('s1', 0) >= 60 or attrs.get('s2', 0) >= 60:
return _('m1, m2, s1 and s2 must be between 0 and 59.999')
if attrs.get('alt', 0) < -100000.00 or attrs.get('alt', 0) > 42849672.95:
return _('alt must be between -100000.00 and 42849672.95')
if attrs.get('siz', 0) > 90000000.00 or attrs.get('hp', 0) > 90000000.00 or \
attrs.get('vp', 0) > 90000000.00:
return _('siz, hp and vp must be between 0 and 90000000.00')
return None
def _validate_ns(ugettext, ns):
"""see RFC 1035"""
try:
ns, = ns.split()
except ValueError:
return _('format must be specified as "domain_name" (see RFC 1035 for details)')
return None
def _validate_nsec(ugettext, nsec):
"""see RFC 4034"""
fields = nsec.split()
if len(fields) < 2:
return _('format must be specified as "next_domain_name type1 '\
'[type2 [type3 [...]]]" (see RFC 4034 for details)')
allowed_types = (u'SOA',) + _record_types
for i in range(1, len(fields)):
sig_type = fields[i]
if sig_type not in allowed_types:
return _('type must be one of ' + u', '.join(allowed_types))
return None
def _validate_kx(ugettext, kx):
"""see RFC 2230"""
try:
preference, exchanger = kx.split()
except ValueError:
return _('format must be specified as "preference exchanger" '\
'(see RFC 2230 for details)')
try:
preference = int(preference)
except ValueError:
return _(u'the value of preference must be integer')
if preference < 0 or preference > 65535:
return _('the value of preference must be between 0 and 65535')
return None
def _validate_ptr(ugettext, ptr):
"""see RFC 1035"""
try:
validate_hostname(ptr)
except ValueError, e:
return _('format must be specified as "domain_name" (see RFC 1035 for details): %s') \
% unicode(e)
return None
def _validate_sig(ugettext, sig):
"""see RFCs 2535, 4034"""
try:
sig_type, algorithm, labels, ttl, sig_expiration, \
sig_inception, tag, signer, signature = sig.split()
except ValueError:
return _('format must be specified as "type_covered algorithm labels original_ttl ' \
'signature_expiration signature_inception key_tag signers_name signature" '\
'(see RFC 2535, 4034 for details)')
allowed_types = [x for x in _record_types if x != u'SIG']
if sig_type not in allowed_types:
return _('type_covered must be one of ' + u', '.join(allowed_types))
try:
algorithm = int(algorithm)
labels = int(labels)
ttl = int(ttl)
tag = int(tag)
except ValueError:
return _('algorithm, labels, original_ttl and key_tag must be integers')
try:
time_format = "%Y%m%d%H%M%S"
sig_inception = time.strptime(sig_inception, time_format)
sig_expiration = time.strptime(sig_expiration, time_format)
except ValueError, e:
return _('signature_expiration and signature_inception must follow time ' \
'format "YYYYMMDDHHMMSS"')
if algorithm < 0 or algorithm > 255 or labels < 0 or labels > 255:
return _('the value of algorithm and labels must be between 0 and 255')
if ttl < 0 or ttl > 4294967295:
return _('the value of original_ttl must be between 0 and 4294967295')
if tag < 0 or tag > 65535:
return _('the value of tag must be between 0 and 65535')
return None
def _validate_sshfp(ugettext, sshfp):
"""see RFCs 4255"""
try:
algorithm, fp_type, fingerprint = sshfp.split()
except ValueError:
return _('format must be specified as "algorithm fp_type fingerprint" '\
'(see RFC 4255 for details)')
try:
algorithm = int(algorithm)
fp_type = int(fp_type)
except ValueError:
return _('algorithm and fp_type must be integers')
if algorithm < 0 or algorithm > 255 or fp_type < 0 or fp_type > 255:
return _('the value of algorithm and fp_type must be between 0 and 255')
return None
def _validate_unsupported(ugettext, val):
"""
See https://fedorahosted.org/bind-dyndb-ldap/browser/doc/schema for a
list of supported records in bind-dyndb-ldap plugin
"""
return _('This DNS RR type is not supported by bind-dyndb-ldap plugin')
def _normalize_domain_name(domain_name):
"""Make it fully-qualified"""
if domain_name[-1] != '.':
return domain_name + '.'
else:
return domain_name
# Not validated RR types:
# - A6: downgraded to experimental state by RFC 3363, AAAA is preferred
_record_validators = { _record_validators = {
u'A': _validate_ipaddr, u'A': _validate_ipaddr,
u'AAAA': _validate_ipaddr, u'AAAA': _validate_ipaddr,
u'APL': _validate_ipnet, u'AFSDB': _validate_afsdb,
u'SRV': _validate_srv, u'APL': _validate_unsupported,
u'CERT': _validate_cert,
u'CNAME': _validate_cname,
u'DHCID': _validate_unsupported,
u'DLV': _validate_unsupported,
u'DNAME': _validate_dname,
u'DNSKEY': _validate_unsupported,
u'DS': _validate_ds,
u'HIP': _validate_unsupported,
u'KEY': _validate_key,
u'IPSECKEY': _validate_unsupported,
u'KX': _validate_kx,
u'LOC': _validate_loc,
u'MX': _validate_mx, u'MX': _validate_mx,
u'NS': _validate_ns,
u'NSEC': _validate_nsec,
u'NSEC3': _validate_unsupported,
u'NSEC3PARAM': _validate_unsupported,
u'NAPTR': _validate_naptr, u'NAPTR': _validate_naptr,
u'PTR': _validate_ptr,
u'RP': _validate_unsupported,
u'SRV': _validate_srv,
u'SIG': _validate_sig,
u'RRSIG': _validate_sig,
u'SSHFP': _validate_sshfp,
u'TA': _validate_unsupported,
u'TKEY': _validate_unsupported,
u'TSIG': _validate_unsupported,
}
_record_normalizers = {
u'CNAME': _normalize_domain_name,
u'DNAME': _normalize_domain_name,
u'NS': _normalize_domain_name,
u'PTR': _normalize_domain_name,
} }
# dictionary of valid reverse zone -> number of address components # dictionary of valid reverse zone -> number of address components
@@ -654,11 +991,6 @@ class dnsrecord(LDAPObject):
error=unicode(_('Reverse zone %s requires exactly %d IP address components, %d given') error=unicode(_('Reverse zone %s requires exactly %d IP address components, %d given')
% (zone_name, zone_len, ip_addr_comp_count))) % (zone_name, zone_len, ip_addr_comp_count)))
for ptr in options['ptrrecord']:
if not ptr.endswith('.'):
raise errors.ValidationError(name='ptr-rec',
error=unicode(_('PTR record \'%s\' is not fully qualified (check trailing \'.\')') % ptr))
return dn return dn
def is_pkey_zone_record(self, *keys): def is_pkey_zone_record(self, *keys):
@@ -720,16 +1052,18 @@ class dnsrecord_cmd_w_record_options(Command):
def get_record_option(self, rec_type): def get_record_option(self, rec_type):
doc = self.record_param_doc % rec_type doc = self.record_param_doc % rec_type
validator = _record_validators.get(rec_type) validator = _record_validators.get(rec_type)
normalizer = _record_normalizers.get(rec_type)
if validator: if validator:
return List( return List(
'%srecord?' % rec_type.lower(), validator, '%srecord?' % rec_type.lower(), validator, normalizer=normalizer,
cli_name='%s_rec' % rec_type.lower(), doc=doc, cli_name='%s_rec' % rec_type.lower(), doc=doc,
label='%s record' % rec_type, attribute=True label='%s record' % rec_type, attribute=True
) )
else: else:
return List( return List(
'%srecord?' % rec_type.lower(), cli_name='%s_rec' % rec_type.lower(), '%srecord?' % rec_type.lower(), cli_name='%s_rec' % rec_type.lower(),
doc=doc, label='%s record' % rec_type, attribute=True normalizer=normalizer, doc=doc, label='%s record' % rec_type,
attribute=True
) )
def prompt_record_options(self, rec_type_list): def prompt_record_options(self, rec_type_list):

17
ipalib/util.py
View File

@@ -233,3 +233,20 @@ def validate_zonemgr(zonemgr):
if not all(regex_domain.match(part) for part in domain.split(".")): if not all(regex_domain.match(part) for part in domain.split(".")):
raise ValueError(_('domain name may only include letters, numbers, and -')) raise ValueError(_('domain name may only include letters, numbers, and -'))
def validate_hostname(hostname):
""" See RFC 952, 1123"""
regex_name = re.compile(r'^[a-z0-9]([a-z0-9-]?[a-z0-9])*$', re.IGNORECASE)
if len(hostname) > 255:
raise ValueError(_('cannot be longer that 255 characters'))
if hostname.endswith('.'):
hostname = hostname[:-1]
if '.' not in hostname:
raise ValueError(_('hostname is not fully qualified'))
if not all(regex_name.match(part) for part in hostname.split(".")):
raise ValueError(_('hostname parts may only include letters, numbers, and - ' \
'(which is not allowed as the last character)'))

304
tests/test_xmlrpc/test_dns_plugin.py
View File

@@ -27,10 +27,21 @@ from tests.test_xmlrpc import objectclasses
from xmlrpc_test import Declarative, fuzzy_digits, fuzzy_uuid from xmlrpc_test import Declarative, fuzzy_digits, fuzzy_uuid
dnszone1 = u'dnszone.test' dnszone1 = u'dnszone.test'
dnszone1_dn = DN(('idnsname',dnszone1),('cn','dns'),api.env.basedn)
dnszone1_mname = u'ns1.%s.' % dnszone1
dnszone1_mname_dn = DN(('idnsname','ns1'), dnszone1_dn)
dnszone1_rname = u'root.%s.' % dnszone1
dnszone2 = u'dnszone2.test' dnszone2 = u'dnszone2.test'
dnszone2_dn = DN(('idnsname',dnszone2),('cn','dns'),api.env.basedn)
dnszone2_mname = u'ns1.%s.' % dnszone2
dnszone2_rname = u'root.%s.' % dnszone2
revdnszone1 = u'15.142.80.in-addr.arpa.' revdnszone1 = u'15.142.80.in-addr.arpa.'
revdnszone1_ip = u'80.142.15.0/24' revdnszone1_ip = u'80.142.15.0/24'
revdnszone1_dn = DN(('idnsname',revdnszone1),('cn','dns'),api.env.basedn)
dnsres1 = u'testdnsres' dnsres1 = u'testdnsres'
dnsres1_dn = DN(('idnsname',dnsres1), dnszone1_dn)
dnsrev1 = u'80'
dnsrev1_dn = DN(('idnsname',dnsrev1), revdnszone1_dn)
class test_dns(Declarative): class test_dns(Declarative):
@@ -38,8 +49,8 @@ class test_dns(Declarative):
super(test_dns, self).setUp() super(test_dns, self).setUp()
try: try:
api.Command['dnszone_add'](dnszone1, api.Command['dnszone_add'](dnszone1,
idnssoamname = u'ns1.%s' % dnszone1, idnssoamname = dnszone1_mname,
idnssoarname = u'root.%s' % dnszone1, idnssoarname = dnszone1_rname,
force = True, force = True,
) )
api.Command['dnszone_del'](dnszone1) api.Command['dnszone_del'](dnszone1)
@@ -82,8 +93,8 @@ class test_dns(Declarative):
desc='Create zone %r' % dnszone1, desc='Create zone %r' % dnszone1,
command=( command=(
'dnszone_add', [dnszone1], { 'dnszone_add', [dnszone1], {
'idnssoamname': u'ns1.%s' % dnszone1, 'idnssoamname': dnszone1_mname,
'idnssoarname': u'root.%s' % dnszone1, 'idnssoarname': dnszone1_rname,
'ip_address' : u'1.2.3.4', 'ip_address' : u'1.2.3.4',
} }
), ),
@@ -91,13 +102,12 @@ class test_dns(Declarative):
'value': dnszone1, 'value': dnszone1,
'summary': None, 'summary': None,
'result': { 'result': {
'dn': lambda x: DN(x) == \ 'dn': unicode(dnszone1_dn),
DN(('idnsname',dnszone1),('cn','dns'),api.env.basedn),
'idnsname': [dnszone1], 'idnsname': [dnszone1],
'idnszoneactive': [u'TRUE'], 'idnszoneactive': [u'TRUE'],
'idnssoamname': [u'ns1.%s.' % dnszone1], 'idnssoamname': [dnszone1_mname],
'nsrecord': [u'ns1.%s.' % dnszone1], 'nsrecord': [dnszone1_mname],
'idnssoarname': [u'root.%s.' % dnszone1], 'idnssoarname': [dnszone1_rname],
'idnssoaserial': [fuzzy_digits], 'idnssoaserial': [fuzzy_digits],
'idnssoarefresh': [fuzzy_digits], 'idnssoarefresh': [fuzzy_digits],
'idnssoaretry': [fuzzy_digits], 'idnssoaretry': [fuzzy_digits],
@@ -114,8 +124,8 @@ class test_dns(Declarative):
desc='Try to create duplicate zone %r' % dnszone1, desc='Try to create duplicate zone %r' % dnszone1,
command=( command=(
'dnszone_add', [dnszone1], { 'dnszone_add', [dnszone1], {
'idnssoamname': u'ns1.%s' % dnszone1, 'idnssoamname': dnszone1_mname,
'idnssoarname': u'root.%s' % dnszone1, 'idnssoarname': dnszone1_rname,
'ip_address' : u'1.2.3.4', 'ip_address' : u'1.2.3.4',
} }
), ),
@@ -126,19 +136,19 @@ class test_dns(Declarative):
desc='Try to create a zone with nonexistent NS entry', desc='Try to create a zone with nonexistent NS entry',
command=( command=(
'dnszone_add', [dnszone2], { 'dnszone_add', [dnszone2], {
'idnssoamname': u'ns1.%s' % dnszone2, 'idnssoamname': dnszone2_mname,
'idnssoarname': u'root.%s' % dnszone2, 'idnssoarname': dnszone2_rname,
} }
), ),
expected=errors.NotFound(reason='Nameserver \'ns1.%s\' does not have a corresponding A/AAAA record' % (dnszone2)), expected=errors.NotFound(reason='Nameserver \'%s\' does not have a corresponding A/AAAA record' % (dnszone2_mname)),
), ),
dict( dict(
desc='Create a zone with nonexistent NS entry with --force', desc='Create a zone with nonexistent NS entry with --force',
command=( command=(
'dnszone_add', [dnszone2], { 'dnszone_add', [dnszone2], {
'idnssoamname': u'ns1.%s' % dnszone2, 'idnssoamname': dnszone2_mname,
'idnssoarname': u'root.%s' % dnszone2, 'idnssoarname': dnszone2_rname,
'force' : True, 'force' : True,
} }
), ),
@@ -146,13 +156,12 @@ class test_dns(Declarative):
'value': dnszone2, 'value': dnszone2,
'summary': None, 'summary': None,
'result': { 'result': {
'dn': lambda x: DN(x) == \ 'dn': unicode(dnszone2_dn),
DN(('idnsname',dnszone2),('cn','dns'),api.env.basedn),
'idnsname': [dnszone2], 'idnsname': [dnszone2],
'idnszoneactive': [u'TRUE'], 'idnszoneactive': [u'TRUE'],
'idnssoamname': [u'ns1.%s.' % dnszone2], 'idnssoamname': [dnszone2_mname],
'nsrecord': [u'ns1.%s.' % dnszone2], 'nsrecord': [dnszone2_mname],
'idnssoarname': [u'root.%s.' % dnszone2], 'idnssoarname': [dnszone2_rname],
'idnssoaserial': [fuzzy_digits], 'idnssoaserial': [fuzzy_digits],
'idnssoarefresh': [fuzzy_digits], 'idnssoarefresh': [fuzzy_digits],
'idnssoaretry': [fuzzy_digits], 'idnssoaretry': [fuzzy_digits],
@@ -181,13 +190,12 @@ class test_dns(Declarative):
'value': dnszone1, 'value': dnszone1,
'summary': None, 'summary': None,
'result': { 'result': {
'dn': lambda x: DN(x) == \ 'dn': unicode(dnszone1_dn),
DN(('idnsname',dnszone1),('cn','dns'),api.env.basedn),
'idnsname': [dnszone1], 'idnsname': [dnszone1],
'idnszoneactive': [u'TRUE'], 'idnszoneactive': [u'TRUE'],
'nsrecord': [u'ns1.%s.' % dnszone1], 'nsrecord': [dnszone1_mname],
'idnssoamname': [u'ns1.%s.' % dnszone1], 'idnssoamname': [dnszone1_mname],
'idnssoarname': [u'root.%s.' % dnszone1], 'idnssoarname': [dnszone1_rname],
'idnssoaserial': [fuzzy_digits], 'idnssoaserial': [fuzzy_digits],
'idnssoarefresh': [fuzzy_digits], 'idnssoarefresh': [fuzzy_digits],
'idnssoaretry': [fuzzy_digits], 'idnssoaretry': [fuzzy_digits],
@@ -207,9 +215,9 @@ class test_dns(Declarative):
'result': { 'result': {
'idnsname': [dnszone1], 'idnsname': [dnszone1],
'idnszoneactive': [u'TRUE'], 'idnszoneactive': [u'TRUE'],
'nsrecord': [u'ns1.%s.' % dnszone1], 'nsrecord': [dnszone1_mname],
'idnssoamname': [u'ns1.%s.' % dnszone1], 'idnssoamname': [dnszone1_mname],
'idnssoarname': [u'root.%s.' % dnszone1], 'idnssoarname': [dnszone1_rname],
'idnssoaserial': [fuzzy_digits], 'idnssoaserial': [fuzzy_digits],
'idnssoarefresh': [u'5478'], 'idnssoarefresh': [u'5478'],
'idnssoaretry': [fuzzy_digits], 'idnssoaretry': [fuzzy_digits],
@@ -224,8 +232,8 @@ class test_dns(Declarative):
desc='Create reverse zone %r' % revdnszone1, desc='Create reverse zone %r' % revdnszone1,
command=( command=(
'dnszone_add', [revdnszone1], { 'dnszone_add', [revdnszone1], {
'idnssoamname': u'ns1.%s' % dnszone1, 'idnssoamname': dnszone1_mname,
'idnssoarname': u'root.%s' % dnszone1, 'idnssoarname': dnszone1_rname,
'ip_address' : u'1.2.3.4', 'ip_address' : u'1.2.3.4',
} }
), ),
@@ -233,13 +241,12 @@ class test_dns(Declarative):
'value': revdnszone1, 'value': revdnszone1,
'summary': None, 'summary': None,
'result': { 'result': {
'dn': lambda x: DN(x) == \ 'dn': unicode(revdnszone1_dn),
DN(('idnsname',revdnszone1),('cn','dns'),api.env.basedn),
'idnsname': [revdnszone1], 'idnsname': [revdnszone1],
'idnszoneactive': [u'TRUE'], 'idnszoneactive': [u'TRUE'],
'idnssoamname': [u'ns1.%s.' % dnszone1], 'idnssoamname': [dnszone1_mname],
'nsrecord': [u'ns1.%s.' % dnszone1], 'nsrecord': [dnszone1_mname],
'idnssoarname': [u'root.%s.' % dnszone1], 'idnssoarname': [dnszone1_rname],
'idnssoaserial': [fuzzy_digits], 'idnssoaserial': [fuzzy_digits],
'idnssoarefresh': [fuzzy_digits], 'idnssoarefresh': [fuzzy_digits],
'idnssoaretry': [fuzzy_digits], 'idnssoaretry': [fuzzy_digits],
@@ -253,20 +260,19 @@ class test_dns(Declarative):
dict( dict(
desc='Search for zones with name server %r' % (u'ns1.%s.' % dnszone1), desc='Search for zones with name server %r' % (dnszone1_mname),
command=('dnszone_find', [], {'idnssoamname': u'ns1.%s.' % dnszone1}), command=('dnszone_find', [], {'idnssoamname': dnszone1_mname}),
expected={ expected={
'summary': None, 'summary': None,
'count': 2, 'count': 2,
'truncated': False, 'truncated': False,
'result': [{ 'result': [{
'dn': lambda x: DN(x) == \ 'dn': unicode(revdnszone1_dn),
DN(('idnsname',revdnszone1),('cn','dns'),api.env.basedn),
'idnsname': [revdnszone1], 'idnsname': [revdnszone1],
'idnszoneactive': [u'TRUE'], 'idnszoneactive': [u'TRUE'],
'nsrecord': [u'ns1.%s.' % dnszone1], 'nsrecord': [dnszone1_mname],
'idnssoamname': [u'ns1.%s.' % dnszone1], 'idnssoamname': [dnszone1_mname],
'idnssoarname': [u'root.%s.' % dnszone1], 'idnssoarname': [dnszone1_rname],
'idnssoaserial': [fuzzy_digits], 'idnssoaserial': [fuzzy_digits],
'idnssoarefresh': [fuzzy_digits], 'idnssoarefresh': [fuzzy_digits],
'idnssoaretry': [fuzzy_digits], 'idnssoaretry': [fuzzy_digits],
@@ -274,13 +280,12 @@ class test_dns(Declarative):
'idnssoaminimum': [fuzzy_digits], 'idnssoaminimum': [fuzzy_digits],
}, },
{ {
'dn': lambda x: DN(x) == \ 'dn': unicode(dnszone1_dn),
DN(('idnsname',dnszone1),('cn','dns'),api.env.basedn),
'idnsname': [dnszone1], 'idnsname': [dnszone1],
'idnszoneactive': [u'TRUE'], 'idnszoneactive': [u'TRUE'],
'nsrecord': [u'ns1.%s.' % dnszone1], 'nsrecord': [dnszone1_mname],
'idnssoamname': [u'ns1.%s.' % dnszone1], 'idnssoamname': [dnszone1_mname],
'idnssoarname': [u'root.%s.' % dnszone1], 'idnssoarname': [dnszone1_rname],
'idnssoaserial': [fuzzy_digits], 'idnssoaserial': [fuzzy_digits],
'idnssoarefresh': [u'5478'], 'idnssoarefresh': [u'5478'],
'idnssoaretry': [fuzzy_digits], 'idnssoaretry': [fuzzy_digits],
@@ -292,20 +297,19 @@ class test_dns(Declarative):
dict( dict(
desc='Search for zones with name server %r with --forward-only' % (u'ns1.%s.' % dnszone1), desc='Search for zones with name server %r with --forward-only' % dnszone1_mname,
command=('dnszone_find', [], {'idnssoamname': u'ns1.%s.' % dnszone1, 'forward_only' : True}), command=('dnszone_find', [], {'idnssoamname': dnszone1_mname, 'forward_only' : True}),
expected={ expected={
'summary': None, 'summary': None,
'count': 1, 'count': 1,
'truncated': False, 'truncated': False,
'result': [{ 'result': [{
'dn': lambda x: DN(x) == \ 'dn': unicode(dnszone1_dn),
DN(('idnsname',dnszone1),('cn','dns'),api.env.basedn),
'idnsname': [dnszone1], 'idnsname': [dnszone1],
'idnszoneactive': [u'TRUE'], 'idnszoneactive': [u'TRUE'],
'nsrecord': [u'ns1.%s.' % dnszone1], 'nsrecord': [dnszone1_mname],
'idnssoamname': [u'ns1.%s.' % dnszone1], 'idnssoamname': [dnszone1_mname],
'idnssoarname': [u'root.%s.' % dnszone1], 'idnssoarname': [dnszone1_rname],
'idnssoaserial': [fuzzy_digits], 'idnssoaserial': [fuzzy_digits],
'idnssoarefresh': [u'5478'], 'idnssoarefresh': [u'5478'],
'idnssoaretry': [fuzzy_digits], 'idnssoaretry': [fuzzy_digits],
@@ -345,13 +349,12 @@ class test_dns(Declarative):
'value': dnszone1, 'value': dnszone1,
'summary': None, 'summary': None,
'result': { 'result': {
'dn': lambda x: DN(x) == \ 'dn': unicode(dnszone1_dn),
DN(('idnsname',dnszone1),('cn','dns'),api.env.basedn),
'idnsname': [dnszone1], 'idnsname': [dnszone1],
'idnszoneactive': [u'FALSE'], 'idnszoneactive': [u'FALSE'],
'nsrecord': [u'ns1.%s.' % dnszone1], 'nsrecord': [dnszone1_mname],
'idnssoamname': [u'ns1.%s.' % dnszone1], 'idnssoamname': [dnszone1_mname],
'idnssoarname': [u'root.%s.' % dnszone1], 'idnssoarname': [dnszone1_rname],
'idnssoaserial': [fuzzy_digits], 'idnssoaserial': [fuzzy_digits],
'idnssoarefresh': [fuzzy_digits], 'idnssoarefresh': [fuzzy_digits],
'idnssoaretry': [fuzzy_digits], 'idnssoaretry': [fuzzy_digits],
@@ -380,13 +383,12 @@ class test_dns(Declarative):
'value': dnszone1, 'value': dnszone1,
'summary': None, 'summary': None,
'result': { 'result': {
'dn': lambda x: DN(x) == \ 'dn': unicode(dnszone1_dn),
DN(('idnsname',dnszone1),('cn','dns'),api.env.basedn),
'idnsname': [dnszone1], 'idnsname': [dnszone1],
'idnszoneactive': [u'TRUE'], 'idnszoneactive': [u'TRUE'],
'nsrecord': [u'ns1.%s.' % dnszone1], 'nsrecord': [dnszone1_mname],
'idnssoamname': [u'ns1.%s.' % dnszone1], 'idnssoamname': [dnszone1_mname],
'idnssoarname': [u'root.%s.' % dnszone1], 'idnssoarname': [dnszone1_rname],
'idnssoaserial': [fuzzy_digits], 'idnssoaserial': [fuzzy_digits],
'idnssoarefresh': [fuzzy_digits], 'idnssoarefresh': [fuzzy_digits],
'idnssoaretry': [fuzzy_digits], 'idnssoaretry': [fuzzy_digits],
@@ -418,9 +420,7 @@ class test_dns(Declarative):
'value': dnsres1, 'value': dnsres1,
'summary': None, 'summary': None,
'result': { 'result': {
'dn': lambda x: DN(x) == \ 'dn': unicode(dnsres1_dn),
DN(('idnsname',dnsres1),('idnsname',dnszone1),
('cn','dns'),api.env.basedn),
'idnsname': [dnsres1], 'idnsname': [dnsres1],
'objectclass': [u'top', u'idnsrecord'], 'objectclass': [u'top', u'idnsrecord'],
'arecord': [u'127.0.0.1'], 'arecord': [u'127.0.0.1'],
@@ -438,23 +438,17 @@ class test_dns(Declarative):
'truncated': False, 'truncated': False,
'result': [ 'result': [
{ {
'dn': lambda x: DN(x) == \ 'dn': unicode(dnszone1_dn),
DN(('idnsname',dnszone1),('cn','dns'), 'nsrecord': (dnszone1_mname,),
api.env.basedn),
'nsrecord': (u'ns1.dnszone.test.',),
'idnsname': [u'@'], 'idnsname': [u'@'],
}, },
{ {
'dn': lambda x: DN(x) == \ 'dn': unicode(dnszone1_mname_dn),
DN(('idnsname','ns1'),('idnsname',dnszone1),
('cn','dns'),api.env.basedn),
'idnsname': [u'ns1'], 'idnsname': [u'ns1'],
'arecord': [u'1.2.3.4'], 'arecord': [u'1.2.3.4'],
}, },
{ {
'dn': lambda x: DN(x) == \ 'dn': unicode(dnsres1_dn),
DN(('idnsname',dnsres1),('idnsname',dnszone1),
('cn','dns'),api.env.basedn),
'idnsname': [dnsres1], 'idnsname': [dnsres1],
'arecord': [u'127.0.0.1'], 'arecord': [u'127.0.0.1'],
}, },
@@ -470,9 +464,7 @@ class test_dns(Declarative):
'value': dnsres1, 'value': dnsres1,
'summary': None, 'summary': None,
'result': { 'result': {
'dn': lambda x: DN(x) == \ 'dn': unicode(dnsres1_dn),
DN(('idnsname',dnsres1),('idnsname',dnszone1),
('cn','dns'),api.env.basedn),
'idnsname': [dnsres1], 'idnsname': [dnsres1],
'arecord': [u'127.0.0.1', u'10.10.0.1'], 'arecord': [u'127.0.0.1', u'10.10.0.1'],
'objectclass': [u'top', u'idnsrecord'], 'objectclass': [u'top', u'idnsrecord'],
@@ -538,6 +530,116 @@ class test_dns(Declarative):
}, },
), ),
dict(
desc='Try to add invalid MX record to zone %r using dnsrecord_add' % (dnszone1),
command=('dnsrecord_add', [dnszone1, u'@'], {'mxrecord': dnszone1_mname }),
expected=errors.ValidationError(name='mxrecord', error=''),
),
dict(
desc='Add MX record to zone %r using dnsrecord_add' % (dnszone1),
command=('dnsrecord_add', [dnszone1, u'@'], {'mxrecord': u"0 %s" % dnszone1_mname }),
expected={
'value': u'@',
'summary': None,
'result': {
'objectclass': [u'top', u'idnsrecord', u'idnszone'],
'dn': unicode(dnszone1_dn),
'idnsname': [dnszone1],
'mxrecord': [u"0 %s" % dnszone1_mname],
'nsrecord': [dnszone1_mname],
},
},
),
dict(
desc='Try to add invalid SRV record to zone %r using dnsrecord_add' % (dnszone1),
command=('dnsrecord_add', [dnszone1, u'_foo._tcp'], {'srvrecord': dnszone1_mname}),
expected=errors.ValidationError(name='srvrecord', error=''),
),
dict(
desc='Add SRV record to zone %r using dnsrecord_add' % (dnszone1),
command=('dnsrecord_add', [dnszone1, u'_foo._tcp'], {'srvrecord': u"0 100 1234 %s" % dnszone1_mname}),
expected={
'value': u'_foo._tcp',
'summary': None,
'result': {
'objectclass': [u'top', u'idnsrecord'],
'dn': unicode(DN(('idnsname', u'_foo._tcp'), dnszone1_dn)),
'idnsname': [u'_foo._tcp'],
'srvrecord': [u"0 100 1234 %s" % dnszone1_mname],
},
},
),
dict(
desc='Try to add invalid LOC record to zone %r using dnsrecord_add' % (dnszone1),
command=('dnsrecord_add', [dnszone1, u'@'], {'locrecord': u"91 11 42.4 N 16 36 29.6 E 227.64m" }),
expected=errors.ValidationError(name='locrecord', error=''),
),
dict(
desc='Add LOC record to zone %r using dnsrecord_add' % (dnszone1),
command=('dnsrecord_add', [dnszone1, u'@'], {'locrecord': u"49 11 42.4 N 16 36 29.6 E 227.64m" }),
expected={
'value': u'@',
'summary': None,
'result': {
'objectclass': [u'top', u'idnsrecord', u'idnszone'],
'dn': unicode(dnszone1_dn),
'idnsname': [dnszone1],
'mxrecord': [u"0 %s" % dnszone1_mname],
'nsrecord': [dnszone1_mname],
'locrecord': [u"49 11 42.4 N 16 36 29.6 E 227.64m"],
},
},
),
dict(
desc='Try to add invalid CNAME record %r using dnsrecord_add' % (dnsres1),
command=('dnsrecord_add', [dnszone1, dnsres1], {'cnamerecord': u'-.example.com' }),
expected=errors.ValidationError(name='cnamerecord', error=''),
),
dict(
desc='Add CNAME record to %r using dnsrecord_add' % (dnsres1),
command=('dnsrecord_add', [dnszone1, dnsres1], {'cnamerecord': u'foo-1.example.com' }),
expected={
'value': dnsres1,
'summary': None,
'result': {
'objectclass': [u'top', u'idnsrecord'],
'dn': unicode(dnsres1_dn),
'idnsname': [dnsres1],
'arecord': [u'10.10.0.1'],
'cnamerecord': [u'foo-1.example.com.'],
},
},
),
dict(
desc='Try to add invalid KX record %r using dnsrecord_add' % (dnsres1),
command=('dnsrecord_add', [dnszone1, dnsres1], {'kxrecord': u'foo-1.example.com' }),
expected=errors.ValidationError(name='kxrecord', error=''),
),
dict(
desc='Add KX record to %r using dnsrecord_add' % (dnsres1),
command=('dnsrecord_add', [dnszone1, dnsres1], {'kxrecord': u'1 foo-1.example.com' }),
expected={
'value': dnsres1,
'summary': None,
'result': {
'objectclass': [u'top', u'idnsrecord'],
'dn': unicode(dnsres1_dn),
'idnsname': [dnsres1],
'arecord': [u'10.10.0.1'],
'cnamerecord': [u'foo-1.example.com.'],
'kxrecord': [u'1 foo-1.example.com'],
},
},
),
dict( dict(
desc='Delete record %r in zone %r' % (dnsres1, dnszone1), desc='Delete record %r in zone %r' % (dnsres1, dnszone1),
@@ -555,22 +657,21 @@ class test_dns(Declarative):
command=( command=(
'dnszone_add', [], { 'dnszone_add', [], {
'name_from_ip': u'foo', 'name_from_ip': u'foo',
'idnssoamname': u'ns1.%s' % dnszone1, 'idnssoamname': dnszone1_mname,
'idnssoarname': u'root.%s' % dnszone1, 'idnssoarname': dnszone1_rname,
'ip_address' : u'1.2.3.4', 'ip_address' : u'1.2.3.4',
} }
), ),
expected=errors.ValidationError(name='name_from_ip', error='invalid format'), expected=errors.ValidationError(name='name_from_ip', error='invalid format'),
), ),
dict( dict(
desc='Create reverse from IP %s zone using name_from_ip option' % revdnszone1_ip, desc='Create reverse from IP %s zone using name_from_ip option' % revdnszone1_ip,
command=( command=(
'dnszone_add', [], { 'dnszone_add', [], {
'name_from_ip': revdnszone1_ip, 'name_from_ip': revdnszone1_ip,
'idnssoamname': u'ns1.%s' % dnszone1, 'idnssoamname': dnszone1_mname,
'idnssoarname': u'root.%s' % dnszone1, 'idnssoarname': dnszone1_rname,
'ip_address' : u'1.2.3.4', 'ip_address' : u'1.2.3.4',
} }
), ),
@@ -578,13 +679,12 @@ class test_dns(Declarative):
'value': revdnszone1, 'value': revdnszone1,
'summary': None, 'summary': None,
'result': { 'result': {
'dn': lambda x: DN(x) == \ 'dn': unicode(revdnszone1_dn),
DN(('idnsname',revdnszone1),('cn','dns'),api.env.basedn),
'idnsname': [revdnszone1], 'idnsname': [revdnszone1],
'idnszoneactive': [u'TRUE'], 'idnszoneactive': [u'TRUE'],
'idnssoamname': [u'ns1.%s.' % dnszone1], 'idnssoamname': [dnszone1_mname],
'nsrecord': [u'ns1.%s.' % dnszone1], 'nsrecord': [dnszone1_mname],
'idnssoarname': [u'root.%s.' % dnszone1], 'idnssoarname': [dnszone1_rname],
'idnssoaserial': [fuzzy_digits], 'idnssoaserial': [fuzzy_digits],
'idnssoarefresh': [fuzzy_digits], 'idnssoarefresh': [fuzzy_digits],
'idnssoaretry': [fuzzy_digits], 'idnssoaretry': [fuzzy_digits],
@@ -597,6 +697,28 @@ class test_dns(Declarative):
), ),
dict(
desc='Try to add invalid PTR %r to %r using dnsrecord_add' % (dnsrev1, revdnszone1),
command=('dnsrecord_add', [revdnszone1, dnsrev1], {'ptrrecord': u'-.example.com' }),
expected=errors.ValidationError(name='ptrrecord', error=''),
),
dict(
desc='Add PTR record %r to %r using dnsrecord_add' % (dnsrev1, revdnszone1),
command=('dnsrecord_add', [revdnszone1, dnsrev1], {'ptrrecord': u'foo-1.example.com' }),
expected={
'value': dnsrev1,
'summary': None,
'result': {
'objectclass': [u'top', u'idnsrecord'],
'dn': unicode(dnsrev1_dn),
'idnsname': [dnsrev1],
'ptrrecord': [u'foo-1.example.com.'],
},
},
),
dict( dict(
desc='Delete zone %r' % dnszone1, desc='Delete zone %r' % dnszone1,
command=('dnszone_del', [dnszone1], {}), command=('dnszone_del', [dnszone1], {}),