summaryrefslogtreecommitdiffstats
path: root/ipalib/plugins/dns.py
diff options
context:
space:
mode:
Diffstat (limited to 'ipalib/plugins/dns.py')
-rw-r--r--ipalib/plugins/dns.py101
1 files changed, 52 insertions, 49 deletions
diff --git a/ipalib/plugins/dns.py b/ipalib/plugins/dns.py
index a7a4100db..512a653c3 100644
--- a/ipalib/plugins/dns.py
+++ b/ipalib/plugins/dns.py
@@ -281,10 +281,9 @@ register = Registry()
# supported resource record types
_record_types = (
u'A', u'AAAA', u'A6', u'AFSDB', u'APL', u'CERT', u'CNAME', u'DHCID', u'DLV',
- u'DNAME', u'DNSKEY', u'DS', u'HIP', u'IPSECKEY', u'KEY', u'KX', u'LOC',
- u'MX', u'NAPTR', u'NS', u'NSEC', u'NSEC3', u'PTR',
- u'RRSIG', u'RP', u'SIG', u'SPF', u'SRV', u'SSHFP', u'TA', u'TKEY',
- u'TLSA', u'TSIG', u'TXT',
+ u'DNAME', u'DS', u'HIP', u'HINFO', u'IPSECKEY', u'KEY', u'KX', u'LOC',
+ u'MD', u'MINFO', u'MX', u'NAPTR', u'NS', u'NSEC', u'NXT', u'PTR', u'RRSIG',
+ u'RP', u'SIG', u'SPF', u'SRV', u'SSHFP', u'TLSA', u'TXT',
)
# DNS zone record identificator
@@ -1092,9 +1091,6 @@ class DNAMERecord(DNSRecord):
),
)
-class DNSKEYRecord(UnsupportedDNSRecord):
- rrtype = 'DNSKEY'
- rfc = 4034
class DSRecord(DNSRecord):
rrtype = 'DS'
@@ -1129,6 +1125,11 @@ class DLVRecord(DSRecord):
rfc = 4431
+class HINFORecord(UnsupportedDNSRecord):
+ rrtype = 'HINFO'
+ rfc = 1035
+
+
class HIPRecord(UnsupportedDNSRecord):
rrtype = 'HIP'
rfc = 5205
@@ -1287,6 +1288,18 @@ class LOCRecord(DNSRecord):
name=target_cli_name)
raise errors.ValidationError(name=self.name, error=error)
+
+class MDRecord(UnsupportedDNSRecord):
+ # obsoleted, use MX instead
+ rrtype = 'MD'
+ rfc = 1035
+
+
+class MINFORecord(UnsupportedDNSRecord):
+ rrtype = 'MINFO'
+ rfc = 1035
+
+
class MXRecord(DNSRecord):
rrtype = 'MX'
rfc = 1035
@@ -1318,9 +1331,6 @@ class NSECRecord(UnsupportedDNSRecord):
rrtype = 'NSEC'
rfc = 4034
-class NSEC3Record(UnsupportedDNSRecord):
- rrtype = 'NSEC3'
- rfc = 5155
def _validate_naptr_flags(ugettext, flags):
allowed_flags = u'SAUP'
@@ -1361,6 +1371,12 @@ class NAPTRRecord(DNSRecord):
),
)
+
+class NXTRecord(UnsupportedDNSRecord):
+ rrtype = 'NXT'
+ rfc = 2535
+
+
class PTRRecord(DNSRecord):
rrtype = 'PTR'
rfc = 1035
@@ -1450,10 +1466,6 @@ class SSHFPRecord(DNSRecord):
return tuple(values)
-class TARecord(UnsupportedDNSRecord):
- rrtype = 'TA'
-
-
class TLSARecord(DNSRecord):
rrtype = 'TLSA'
rfc = 6698
@@ -1479,12 +1491,6 @@ class TLSARecord(DNSRecord):
)
-class TKEYRecord(UnsupportedDNSRecord):
- rrtype = 'TKEY'
-
-class TSIGRecord(UnsupportedDNSRecord):
- rrtype = 'TSIG'
-
class TXTRecord(DNSRecord):
rrtype = 'TXT'
rfc = 1035
@@ -1509,7 +1515,6 @@ _dns_records = (
DHCIDRecord(),
DLVRecord(),
DNAMERecord(),
- DNSKEYRecord(),
DSRecord(),
HIPRecord(),
IPSECKEYRecord(),
@@ -1520,7 +1525,6 @@ _dns_records = (
NAPTRRecord(),
NSRecord(),
NSECRecord(),
- NSEC3Record(),
PTRRecord(),
RRSIGRecord(),
RPRecord(),
@@ -1528,10 +1532,7 @@ _dns_records = (
SPFRecord(),
SRVRecord(),
SSHFPRecord(),
- TARecord(),
TLSARecord(),
- TKEYRecord(),
- TSIGRecord(),
TXTRecord(),
)
@@ -2500,20 +2501,21 @@ class dnszone(DNSZoneBase):
'ipapermtarget': DN('idnsname=*', 'cn=dns', api.env.basedn),
'ipapermdefaultattr': {
'objectclass',
- 'a6record', 'aaaarecord', 'afsdbrecord', 'arecord',
- 'certrecord', 'cn', 'cnamerecord', 'dlvrecord', 'dnamerecord',
- 'dnsclass', 'dnsttl', 'dsrecord', 'hinforecord',
- 'idnsallowdynupdate', 'idnsallowquery', 'idnsallowsyncptr',
- 'idnsallowtransfer', 'idnsforwarders', 'idnsforwardpolicy',
- 'idnsname', 'idnssecinlinesigning', 'idnssoaexpire',
- 'idnssoaminimum', 'idnssoamname', 'idnssoarefresh',
- 'idnssoaretry', 'idnssoarname', 'idnssoaserial',
- 'idnsupdatepolicy', 'idnszoneactive', 'keyrecord', 'kxrecord',
+ 'a6record', 'aaaarecord', 'afsdbrecord', 'aplrecord', 'arecord',
+ 'certrecord', 'cn', 'cnamerecord', 'dhcidrecord', 'dlvrecord',
+ 'dnamerecord', 'dnsclass', 'dnsttl', 'dsrecord',
+ 'hinforecord', 'hiprecord', 'idnsallowdynupdate',
+ 'idnsallowquery', 'idnsallowsyncptr', 'idnsallowtransfer',
+ 'idnsforwarders', 'idnsforwardpolicy', 'idnsname',
+ 'idnssecinlinesigning', 'idnssoaexpire', 'idnssoaminimum',
+ 'idnssoamname', 'idnssoarefresh', 'idnssoaretry',
+ 'idnssoarname', 'idnssoaserial', 'idnsupdatepolicy',
+ 'idnszoneactive', 'ipseckeyrecord','keyrecord', 'kxrecord',
'locrecord', 'managedby', 'mdrecord', 'minforecord',
'mxrecord', 'naptrrecord', 'nsecrecord', 'nsec3paramrecord',
- 'nsrecord', 'nxtrecord', 'ptrrecord', 'rrsigrecord',
- 'sigrecord', 'srvrecord', 'sshfprecord', 'tlsarecord',
- 'txtrecord', 'unknownrecord',
+ 'nsrecord', 'nxtrecord', 'ptrrecord', 'rprecord', 'rrsigrecord',
+ 'sigrecord', 'spfrecord', 'srvrecord', 'sshfprecord',
+ 'tlsarecord', 'txtrecord', 'unknownrecord',
},
'replaces_system': ['Read DNS Entries'],
'default_privileges': {'DNS Administrators', 'DNS Servers'},
@@ -2534,20 +2536,21 @@ class dnszone(DNSZoneBase):
'ipapermlocation': api.env.basedn,
'ipapermtarget': DN('idnsname=*', 'cn=dns', api.env.basedn),
'ipapermdefaultattr': {
- 'a6record', 'aaaarecord', 'afsdbrecord', 'arecord',
- 'certrecord', 'cn', 'cnamerecord', 'dlvrecord', 'dnamerecord',
- 'dnsclass', 'dnsttl', 'dsrecord', 'hinforecord',
- 'idnsallowdynupdate', 'idnsallowquery', 'idnsallowsyncptr',
- 'idnsallowtransfer', 'idnsforwarders', 'idnsforwardpolicy',
- 'idnsname', 'idnssecinlinesigning', 'idnssoaexpire',
- 'idnssoaminimum', 'idnssoamname', 'idnssoarefresh',
- 'idnssoaretry', 'idnssoarname', 'idnssoaserial',
- 'idnsupdatepolicy', 'idnszoneactive', 'keyrecord', 'kxrecord',
+ 'a6record', 'aaaarecord', 'afsdbrecord', 'aplrecord', 'arecord',
+ 'certrecord', 'cn', 'cnamerecord', 'dhcidrecord', 'dlvrecord',
+ 'dnamerecord', 'dnsclass', 'dnsttl', 'dsrecord',
+ 'hinforecord', 'hiprecord', 'idnsallowdynupdate',
+ 'idnsallowquery', 'idnsallowsyncptr', 'idnsallowtransfer',
+ 'idnsforwarders', 'idnsforwardpolicy', 'idnsname',
+ 'idnssecinlinesigning', 'idnssoaexpire', 'idnssoaminimum',
+ 'idnssoamname', 'idnssoarefresh', 'idnssoaretry',
+ 'idnssoarname', 'idnssoaserial', 'idnsupdatepolicy',
+ 'idnszoneactive', 'ipseckeyrecord','keyrecord', 'kxrecord',
'locrecord', 'managedby', 'mdrecord', 'minforecord',
'mxrecord', 'naptrrecord', 'nsecrecord', 'nsec3paramrecord',
- 'nsrecord', 'nxtrecord', 'ptrrecord', 'rrsigrecord',
- 'sigrecord', 'srvrecord', 'sshfprecord', 'tlsarecord',
- 'txtrecord', 'unknownrecord',
+ 'nsrecord', 'nxtrecord', 'ptrrecord', 'rprecord', 'rrsigrecord',
+ 'sigrecord', 'spfrecord', 'srvrecord', 'sshfprecord',
+ 'tlsarecord', 'txtrecord', 'unknownrecord',
},
'replaces': [
'(targetattr = "idnsname || cn || idnsallowdynupdate || dnsttl || dnsclass || arecord || aaaarecord || a6record || nsrecord || cnamerecord || ptrrecord || srvrecord || txtrecord || mxrecord || mdrecord || hinforecord || minforecord || afsdbrecord || sigrecord || keyrecord || locrecord || nxtrecord || naptrrecord || kxrecord || certrecord || dnamerecord || dsrecord || sshfprecord || rrsigrecord || nsecrecord || idnsname || idnszoneactive || idnssoamname || idnssoarname || idnssoaserial || idnssoarefresh || idnssoaretry || idnssoaexpire || idnssoaminimum || idnsupdatepolicy")(target = "ldap:///idnsname=*,cn=dns,$SUFFIX")(version 3.0;acl "permission:update dns entries";allow (write) groupdn = "ldap:///cn=update dns entries,cn=permissions,cn=pbac,$SUFFIX";)',
generated by cgit (git 2.34.1) at 2024-05-09 04:36:11 +0000