summaryrefslogtreecommitdiffstats
path: root/ipalib
diff options
context:
space:
mode:
authorMartin Basti <mbasti@redhat.com>2014-06-25 12:36:59 +0200
committerPetr Vobornik <pvoborni@redhat.com>2014-07-01 12:37:08 +0200
commit12cb31575ca84d8084687c9906e5824462bd33ec (patch)
tree6b7e496a904d71375a07443e933745b4f30f047d /ipalib
parent99c5f0511f697cc54a9de7994c3e6999c6fd119f (diff)
downloadfreeipa-12cb31575ca84d8084687c9906e5824462bd33ec.tar.gz
freeipa-12cb31575ca84d8084687c9906e5824462bd33ec.tar.xz
freeipa-12cb31575ca84d8084687c9906e5824462bd33ec.zip
DNSSEC: add TLSA record type
Ticket: https://fedorahosted.org/freeipa/ticket/4328 Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
Diffstat (limited to 'ipalib')
-rw-r--r--ipalib/plugins/dns.py59
1 files changed, 44 insertions, 15 deletions
diff --git a/ipalib/plugins/dns.py b/ipalib/plugins/dns.py
index 890d2cceb..3fa2c0b6a 100644
--- a/ipalib/plugins/dns.py
+++ b/ipalib/plugins/dns.py
@@ -238,7 +238,7 @@ _record_types = (
u'DNAME', u'DNSKEY', u'DS', u'HIP', u'IPSECKEY', u'KEY', u'KX', u'LOC',
u'MX', u'NAPTR', u'NS', u'NSEC', u'NSEC3', u'NSEC3PARAM', u'PTR',
u'RRSIG', u'RP', u'SIG', u'SPF', u'SRV', u'SSHFP', u'TA', u'TKEY',
- u'TSIG', u'TXT',
+ u'TLSA', u'TSIG', u'TXT',
)
# DNS zone record identificator
@@ -1384,6 +1384,32 @@ class TARecord(DNSRecord):
rrtype = 'TA'
supported = False
+
+class TLSARecord(DNSRecord):
+ rrtype = 'TLSA'
+ rfc = 6698
+ parts = (
+ Int('cert_usage',
+ label=_('Certificate Usage'),
+ minvalue=0,
+ maxvalue=255,
+ ),
+ Int('selector',
+ label=_('Selector'),
+ minvalue=0,
+ maxvalue=255,
+ ),
+ Int('matching_type',
+ label=_('Matching Type'),
+ minvalue=0,
+ maxvalue=255,
+ ),
+ Str('cert_association_data',
+ label=_('Certificate Association Data'),
+ ),
+ )
+
+
class TKEYRecord(DNSRecord):
rrtype = 'TKEY'
supported = False
@@ -1437,6 +1463,7 @@ _dns_records = (
SRVRecord(),
SSHFPRecord(),
TARecord(),
+ TLSARecord(),
TKEYRecord(),
TSIGRecord(),
TXTRecord(),
@@ -2118,13 +2145,14 @@ class dnszone(DNSZoneBase):
'dnsclass', 'dnsttl', 'dsrecord', 'hinforecord',
'idnsallowdynupdate', 'idnsallowquery', 'idnsallowsyncptr',
'idnsallowtransfer', 'idnsforwarders', 'idnsforwardpolicy',
- 'idnsname', 'idnssoaexpire', 'idnssoaminimum', 'idnssoamname',
- 'idnssoarefresh', 'idnssoaretry', 'idnssoarname',
- 'idnssoaserial', 'idnsupdatepolicy', 'idnszoneactive',
- 'keyrecord', 'kxrecord', 'locrecord', 'managedby', 'mdrecord',
- 'minforecord', 'mxrecord', 'naptrrecord', 'nsecrecord',
- 'nsec3paramrecord', 'nsrecord', 'nxtrecord', 'ptrrecord',
- 'rrsigrecord', 'sigrecord', 'srvrecord', 'sshfprecord',
+ 'idnsname', 'idnssoaexpire',
+ 'idnssoaminimum', 'idnssoamname', 'idnssoarefresh',
+ 'idnssoaretry', 'idnssoarname', 'idnssoaserial',
+ 'idnsupdatepolicy', 'idnszoneactive', 'keyrecord', 'kxrecord',
+ 'locrecord', 'managedby', 'mdrecord', 'minforecord',
+ 'mxrecord', 'naptrrecord', 'nsecrecord', 'nsec3paramrecord',
+ 'nsrecord', 'nxtrecord', 'ptrrecord', 'rrsigrecord',
+ 'sigrecord', 'srvrecord', 'sshfprecord', 'tlsarecord',
'txtrecord',
},
'replaces_system': ['Read DNS Entries'],
@@ -2151,13 +2179,14 @@ class dnszone(DNSZoneBase):
'dnsclass', 'dnsttl', 'dsrecord', 'hinforecord',
'idnsallowdynupdate', 'idnsallowquery', 'idnsallowsyncptr',
'idnsallowtransfer', 'idnsforwarders', 'idnsforwardpolicy',
- 'idnsname', 'idnssoaexpire', 'idnssoaminimum', 'idnssoamname',
- 'idnssoarefresh', 'idnssoaretry', 'idnssoarname',
- 'idnssoaserial', 'idnsupdatepolicy', 'idnszoneactive',
- 'keyrecord', 'kxrecord', 'locrecord', 'managedby', 'mdrecord',
- 'minforecord', 'mxrecord', 'naptrrecord', 'nsecrecord',
- 'nsec3paramrecord', 'nsrecord', 'nxtrecord', 'ptrrecord',
- 'rrsigrecord', 'sigrecord', 'srvrecord', 'sshfprecord',
+ 'idnsname', 'idnssoaexpire',
+ 'idnssoaminimum', 'idnssoamname', 'idnssoarefresh',
+ 'idnssoaretry', 'idnssoarname', 'idnssoaserial',
+ 'idnsupdatepolicy', 'idnszoneactive', 'keyrecord', 'kxrecord',
+ 'locrecord', 'managedby', 'mdrecord', 'minforecord',
+ 'mxrecord', 'naptrrecord', 'nsecrecord', 'nsec3paramrecord',
+ 'nsrecord', 'nxtrecord', 'ptrrecord', 'rrsigrecord',
+ 'sigrecord', 'srvrecord', 'sshfprecord', 'tlsarecord',
'txtrecord',
},
'replaces': [