diff options
| author | Martin Kosek <mkosek@redhat.com> | 2013-04-02 11:58:31 +0200 |
|---|---|---|
| committer | Martin Kosek <mkosek@redhat.com> | 2013-04-02 17:11:52 +0200 |
| commit | 42c401a87795fe3a2067155460ae276ad2d3e360 (patch) | |
| tree | 586986c6caabd4a5ed8b72789baee6230b69f692 /tests/test_xmlrpc | |
| parent | 81be28d6bd49cad19d41a572b0d09c6fe9663359 (diff) | |
| download | freeipa-42c401a87795fe3a2067155460ae276ad2d3e360.tar.gz freeipa-42c401a87795fe3a2067155460ae276ad2d3e360.tar.xz freeipa-42c401a87795fe3a2067155460ae276ad2d3e360.zip | |
Improve CNAME record validation
Refactor DNS RR conflict validator so that it is better extensible in
the future. Also check that there is only one CNAME defined for
a DNS record.
PTR+CNAME record combination is no longer allowed as we found out it
does not make sense to have this combination.
https://fedorahosted.org/freeipa/ticket/3450
Diffstat (limited to 'tests/test_xmlrpc')
| -rw-r--r-- | tests/test_xmlrpc/test_dns_plugin.py | 38 |
1 files changed, 14 insertions, 24 deletions
diff --git a/tests/test_xmlrpc/test_dns_plugin.py b/tests/test_xmlrpc/test_dns_plugin.py index 945bca384..2e7d5466a 100644 --- a/tests/test_xmlrpc/test_dns_plugin.py +++ b/tests/test_xmlrpc/test_dns_plugin.py @@ -773,7 +773,8 @@ class test_dns(Declarative): desc='Try to add CNAME record to %r using dnsrecord_add' % (dnsres1), command=('dnsrecord_add', [dnszone1, dnsres1], {'cnamerecord': u'foo-1.example.com.'}), expected=errors.ValidationError(name='cnamerecord', - error=u'CNAME record is not allowed to coexist with any other records except PTR'), + error=u'CNAME record is not allowed to coexist with any other ' + u'record (RFC 1034, section 3.6.2)'), ), dict( @@ -785,6 +786,14 @@ class test_dns(Declarative): ), dict( + desc='Try to add multiple CNAME record %r using dnsrecord_add' % (dnsrescname), + command=('dnsrecord_add', [dnszone1, dnsrescname], {'cnamerecord': + [u'1.example.com.', u'2.example.com.']}), + expected=errors.ValidationError(name='cnamerecord', + error=u'only one CNAME record is allowed per name (RFC 2136, section 1.1.5)'), + ), + + dict( desc='Add CNAME record to %r using dnsrecord_add' % (dnsrescname), command=('dnsrecord_add', [dnszone1, dnsrescname], {'cnamerecord': u'foo-1.example.com.'}), expected={ @@ -803,14 +812,16 @@ class test_dns(Declarative): desc='Try to add other record to CNAME record %r using dnsrecord_add' % (dnsrescname), command=('dnsrecord_add', [dnszone1, dnsrescname], {'arecord': u'10.0.0.1'}), expected=errors.ValidationError(name='cnamerecord', - error=u'CNAME record is not allowed to coexist with any other records except PTR'), + error=u'CNAME record is not allowed to coexist with any other ' + u'record (RFC 1034, section 3.6.2)'), ), dict( desc='Try to add other record to CNAME record %r using dnsrecord_mod' % (dnsrescname), command=('dnsrecord_mod', [dnszone1, dnsrescname], {'arecord': u'10.0.0.1'}), expected=errors.ValidationError(name='cnamerecord', - error=u'CNAME record is not allowed to coexist with any other records except PTR'), + error=u'CNAME record is not allowed to coexist with any other ' + u'record (RFC 1034, section 3.6.2)'), ), dict( @@ -1063,22 +1074,6 @@ class test_dns(Declarative): ), dict( - desc='Test that CNAME/PTR record type combination in record %r is allowed' % (dnsrev1), - command=('dnsrecord_add', [revdnszone1, dnsrev1], {'cnamerecord': u'foo-1.example.com.' }), - expected={ - 'value': dnsrev1, - 'summary': None, - 'result': { - 'objectclass': objectclasses.dnsrecord, - 'dn': dnsrev1_dn, - 'idnsname': [dnsrev1], - 'ptrrecord': [u'foo-1.example.com.'], - 'cnamerecord': [u'foo-1.example.com.'], - }, - }, - ), - - dict( desc='Show record %r in zone %r with --structured and --all options'\ % (dnsrev1, revdnszone1), command=('dnsrecord_show', [revdnszone1, dnsrev1], @@ -1096,11 +1091,6 @@ class test_dns(Declarative): 'dnsdata': u'foo-1.example.com.', 'ptr_part_hostname': u'foo-1.example.com.' }, - { - 'dnstype': u'CNAME', - 'dnsdata': u'foo-1.example.com.', - 'cname_part_hostname': u'foo-1.example.com.' - } ], }, }, |