IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity
11,353 Commits 11 Branches 60 Tags
eae8714026339e1e7926d01412916ad08be737b9
Commit Graph

22 Commits

Author SHA1 Message Date
Martin Basti
35ba724de9 Py3: Fix ToASCII method 
in Py2 to_text method returns Py2 non-unicode string, but in Py3 to_text method
returns Py3 default (unicode) string. So only in Py2 we have to decode
str to unicode.

https://fedorahosted.org/freeipa/ticket/5935

Reviewed-By: Christian Heimes <cheimes@redhat.com>
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
 2017-01-06 12:48:10 +01:00
Petr Spacek
5e78b54d7c Fix internal errors in host-add and other commands caused by DNS resolution 
Previously resolver was returning CheckedIPAddress objects. This
internal server error in cases where DNS actually returned reserved IP
addresses.

Now the resolver is returning UnsafeIPAddress objects which do syntactic
checks but do not filter IP addresses.

From now on we can decide if some IP address should be accepted as-is or
if it needs to be contrained to some subset of IP addresses using
CheckedIPAddress class.

This regression was caused by changes for
https://fedorahosted.org/freeipa/ticket/5710

Reviewed-By: Martin Basti <mbasti@redhat.com>
 2016-07-01 10:35:39 +02:00
Petr Spacek
7be50ea715 Use NSS for name->resolution in IPA installer 
This fixes scenarios where IPA server is not able to resolve own name
and option --ip-address was not specified by the user.

This partially reverts changes from commit
dc405005f5

https://fedorahosted.org/freeipa/ticket/5962

Reviewed-By: Martin Basti <mbasti@redhat.com>
 2016-06-29 14:19:59 +02:00
Martin Basti
971b4bf009 Fix resolve_rrsets: RRSet is not hashable 
We cannot use set() with RRSet objects, because RRSet object is not
hashable. A set was replaced by list.

https://fedorahosted.org/freeipa/ticket/5710

Reviewed-By: Petr Spacek <pspacek@redhat.com>
 2016-06-09 15:42:10 +02:00
Petr Spacek
e45a80308c DNS upgrade: change global forwarding policy in LDAP to "only" if private IPs are used 
This change is necessary to override automatic empty zone configuration
in latest BIND and bind-dyndb-ldap 9.0+.

This procedure is still not complete because we need to handle global
forwarders in named.conf too (independently on each server).

https://fedorahosted.org/freeipa/ticket/5710

Reviewed-By: Martin Basti <mbasti@redhat.com>
 2016-05-30 20:14:32 +02:00
Petr Spacek
c978ad5b42 Add function ipapython.dnsutil.related_to_auto_empty_zone() 
It allows to test if given DNS name is sub/super domain
of an automatic empty zone.

https://fedorahosted.org/freeipa/ticket/5710

Reviewed-By: Martin Basti <mbasti@redhat.com>
 2016-05-30 20:14:32 +02:00
Petr Spacek
dc405005f5 Move IP address resolution from ipaserver.install.installutils to ipapython.dnsutil 
This is to make it reusable from other modules and to avoid future code
duplication.

https://fedorahosted.org/freeipa/ticket/5710

Reviewed-By: Martin Basti <mbasti@redhat.com>
 2016-05-30 20:14:32 +02:00
Petr Spacek
0c75df4bf3 Move check_zone_overlap() from ipapython.ipautil to ipapython.dnsutil 
This is preparatory work to avoid (future) cyclic import between
ipapython.dnsutil and ipapython.ipautil.

https://fedorahosted.org/freeipa/ticket/5710

Reviewed-By: Martin Basti <mbasti@redhat.com>
 2016-05-30 20:14:32 +02:00
Petr Spacek
c7ee765c4d Add function ipapython.dnsutil.inside_auto_empty_zone() 
It allows to test if given DNS name belongs to an automatic empty zone.

https://fedorahosted.org/freeipa/ticket/5710

Reviewed-By: Martin Basti <mbasti@redhat.com>
 2016-04-28 18:46:06 +02:00
Petr Spacek
1df30b4646 Use shared sanity check and tests ipapython.dnsutil.is_auto_empty_zone() 
https://fedorahosted.org/freeipa/ticket/5710

Reviewed-By: Martin Basti <mbasti@redhat.com>
 2016-04-28 18:46:06 +02:00
Petr Spacek
6752d6404a Move function is_auto_empty_zone() into ipapython.dnsutil 
I'm going to extend this so it is better to have it in module.
At the same time it is now using shared assert_absolute_dnsname()
helper.

https://fedorahosted.org/freeipa/ticket/5710

Reviewed-By: Martin Basti <mbasti@redhat.com>
 2016-04-28 18:46:06 +02:00
Petr Spacek
41464b74f4 Add assert_absolute_dnsname() helper to ipapython.dnsutil 
Sanity check for zone names and such should be the same everywhere.
This new function will be a replacement for ad-hoc checks.

https://fedorahosted.org/freeipa/ticket/5710

Reviewed-By: Martin Basti <mbasti@redhat.com>
 2016-04-28 18:46:06 +02:00
Petr Spacek
bd32b48eb0 Move automatic empty zone list into ipapython.dnsutil and make it reusable 
https://fedorahosted.org/freeipa/ticket/5710

Reviewed-By: Martin Basti <mbasti@redhat.com>
 2016-04-28 18:46:06 +02:00
Petr Viktorin
983c53bb6c dnsutil: Rename __nonzero__ to __bool__ 
In Python 3, this special method got renamed. Set both to the same
function to keep compatibility.

https://fedorahosted.org/freeipa/ticket/5623

Reviewed-By: Jan Cholasta <jcholast@redhat.com>
Reviewed-By: Martin Basti <mbasti@redhat.com>
 2016-01-20 11:59:21 +01:00
Petr Viktorin
8a2b65a357 Fix more bytes/unicode issues 
Reviewed-By: Tomas Babej <tbabej@redhat.com>
 2015-10-22 18:34:46 +02:00
Jan Cholasta
23507e6124 Alias "unicode" to "str" under Python 3 
The six way of doing this is to replace all occurences of "unicode"
with "six.text_type". However, "unicode" is non-ambiguous and
(arguably) easier to read. Also, using it makes the patches smaller,
which should help with backporting.

Reviewed-By: Petr Viktorin <pviktori@redhat.com>
 2015-09-17 11:08:43 +02:00
Jan Cholasta
cf9bf9dcaf Use six.python_2_unicode_compatible 
Rename __unicode__ to __str__ in classes which define it and use the
six.python_2_unicode_compatible decorator on them to make them compatible with
both Python 2 and 3.

Additional changes were required for the ipapython.dnsutil.DNSName class,
because it defined both __str__ and __unicode__.

Reviewed-By: Petr Viktorin <pviktori@redhat.com>
 2015-09-07 08:00:11 +02:00
Petr Viktorin
27dabb4528 Modernize 'except' clauses 
The 'as' syntax works from Python 2 on, and Python 3 will
drop the "comma" syntax.

Reviewed-By: Tomas Babej <tbabej@redhat.com>
 2015-08-12 18:17:23 +02:00
Martin Basti
c80a59eff4 Raise right exception if domain name is not valid 
Because of dnspython implementation, in some cases UnicodeError is
raised instead of DNS SyntaxError

Ticket: https://fedorahosted.org/freeipa/ticket/4734
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
 2014-11-20 14:41:36 +00:00
Martin Basti
eb54814741 DNSSEC: DNS key synchronization daemon 
Tickets:
https://fedorahosted.org/freeipa/ticket/3801
https://fedorahosted.org/freeipa/ticket/4417

Design:
https://fedorahosted.org/bind-dyndb-ldap/wiki/BIND9/Design/DNSSEC

Reviewed-By: Jan Cholasta <jcholast@redhat.com>
Reviewed-By: David Kupka <dkupka@redhat.com>
 2014-10-21 12:23:03 +02:00
Martin Basti
9f5e77f686 Fix handle python-dns UnicodeError 
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
 2014-06-20 13:28:53 +02:00
Martin Basti
9c7b0ad156 DNSName type 
Type used to store domain names based on dnspython

Part of ticket:
IPA should allow internationalized domain names
https://fedorahosted.org/freeipa/ticket/3169

Reviewed-By: Jan Cholasta <jcholast@redhat.com>
 2014-06-03 15:55:32 +02:00