diff options
author | Jan Zeleny <jzeleny@redhat.com> | 2011-02-16 04:47:36 -0500 |
---|---|---|
committer | Rob Crittenden <rcritten@redhat.com> | 2011-02-17 16:08:50 -0500 |
commit | 23234094c3fbdc415ffe4e221bd29c0dedf0c5b3 (patch) | |
tree | d0d32ccb05f7d8d25fd422bf2e15092ec5544609 /ipalib/plugins | |
parent | 2d97f4b335ce2f2f1d62194ef614af3ace77a57e (diff) | |
download | freeipa-23234094c3fbdc415ffe4e221bd29c0dedf0c5b3.tar.gz freeipa-23234094c3fbdc415ffe4e221bd29c0dedf0c5b3.tar.xz freeipa-23234094c3fbdc415ffe4e221bd29c0dedf0c5b3.zip |
Validate that the reverse DNS record is correct
This patch ensures that PTR records added by FreeIPA are compliant with
RFC.
https://fedorahosted.org/freeipa/ticket/839
Diffstat (limited to 'ipalib/plugins')
-rw-r--r-- | ipalib/plugins/dns.py | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/ipalib/plugins/dns.py b/ipalib/plugins/dns.py index 1bdb4bfd6..0c7f1afb7 100644 --- a/ipalib/plugins/dns.py +++ b/ipalib/plugins/dns.py @@ -622,6 +622,22 @@ class dnsrecord_add(LDAPCreate, dnsrecord_cmd_w_record_options): is_ns_rec_resolvable(ns) return dn + def _ptrrecord_pre_callback(self, ldap, dn, entry_attrs, *keys, **options): + components = dn.split(',',2) + addr = components[0].split('=')[1] + zone = components[1].split('=')[1] + if zone.find('ip6') != -1: + zone = zone.replace('.ip6.arpa.','') + zone_len = 32 + else: + zone = zone.replace('.in-addr.arpa.','') + zone_len = 4 + + if len(addr.split('.'))+len(zone.split('.')) != zone_len: + raise errors.ValidationError(name='cn', error=unicode('IP address must have exactly '+str(zone_len)+' components')) + + return dn + def pre_callback(self, ldap, dn, entry_attrs, *keys, **options): for rtype in options: rtype_cb = '_%s_pre_callback' % rtype |