IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-01-12 01:01:55 -06:00
Code Issues Packages Projects Releases Wiki Activity
04aae0eecc
freeipa/ipatests
History
Julien Rische 673d2b82d0 Generate CNAMEs for TXT+URI location krb records 
The IPA location system relies on DNS record priorities in order to give
higher precedence to servers from the same location. For Kerberos, this
is done by redirecting generic SRV records (e.g.
_kerberos._udp.[domain].) to location-aware records (e.g.
_kerberos._udp.[location]._locations.[domain].) using CNAMEs.

This commit applies the same logic for URI records. URI location-aware
record were created, but there were no redirection from generic URI
records. It was causing them to be ignored in practice.

Kerberos URI and TXT records have the same name: "_kerberos". However,
CNAME records cannot coexist with any other record type. To avoid this
conflict, the generic TXT realm record was replaced by location-aware
records, even if the content of these records is the same for all
locations.

Fixes: https://pagure.io/freeipa/issue/9257
Signed-off-by: Julien Rische <jrische@redhat.com>
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
2022-11-23 20:00:17 +01:00
..
azure ipatests: re-enable dnssec tests 2022-11-21 14:24:17 +01:00
man Simplify ipa-run-tests script 2019-07-16 13:23:21 +03:00
prci_definitions ipatests: update vagrant boxes 2022-11-22 11:45:27 +01:00
pytest_ipa Add PKINIT support to ipa-client-install 2022-11-16 14:32:05 +02:00
test_cmdline Make the schema cache TTL user-configurable 2021-11-03 10:59:10 +01:00
test_custodia pylint: Fix useless-suppression 2022-03-11 13:37:08 -05:00
test_install Unify access to FQDN 2020-10-26 17:11:19 +11:00
test_integration Generate CNAMEs for TXT+URI location krb records 2022-11-23 20:00:17 +01:00
test_ipaclient ipaclient: do not set TLS CA options in ldap.conf anymore 2022-10-10 09:50:39 +02:00
test_ipalib Add a new parameter type, SerialNumber, as a subclass of Str 2022-06-09 08:35:15 +02:00
test_ipaplatform ipatests/test_ipaplatform: Skip test_ipa_version on Debian 2021-11-25 21:02:56 -05:00
test_ipapython DNSResolver: Fix use of nameservers with ports 2022-08-16 13:49:40 +02:00
test_ipaserver Fix test_secure_ajp_connector.py failing with Python 3.6.8 2022-06-23 17:46:57 -04:00
test_ipatests_plugins ipatests: Don't turn Pytest IPA deprecation warnings into errors 2020-07-29 15:10:00 -04:00
test_webui ipatests: Test newly added certificate lable 2022-11-15 13:04:22 +01:00
test_xmlrpc ipatest: Remove warning message for 'idnssoaserial' 2022-09-29 14:23:44 +02:00
__init__.py Make an ipa-tests package 2013-06-17 19:22:50 +02:00
conftest.py pylint: Fix useless-suppression 2022-03-11 13:37:08 -05:00
create_external_ca.py Test external CA with DNS name constraints 2019-08-06 12:39:46 +02:00
data.py Fix more bytes/unicode issues 2015-10-22 18:34:46 +02:00
i18n.py pylint: Fix useless-suppression 2022-03-11 13:37:08 -05:00
ipa-run-tests ipatests: Specify shell implementation 2020-04-21 13:24:50 +02:00
ipa-test-config Rename pytest_plugins to ipatests.pytest_ipa 2018-08-02 17:07:43 +02:00
ipa-test-task ipatests: Fetch sudo rules without time offset 2021-06-03 09:21:45 +03:00
Makefile.am Build: fix distribution of static files for web UI 2016-11-09 13:08:32 +01:00
setup.cfg Port all setup.py to setuptools 2016-10-20 18:43:37 +02:00
setup.py Add Custodia tests 2021-06-16 10:28:17 -04:00
test_util.py pylint: Skip unused-private-member for property case 2022-03-11 13:37:08 -05:00
util.py pylint: Drop no longer used __home 2022-03-11 13:37:08 -05:00