From f1ed123caddd7525a0081c4a9de931cabdfda43f Mon Sep 17 00:00:00 2001
From: Martin Kosek <mkosek@redhat.com>
Date: Fri, 11 May 2012 14:38:09 +0200
Subject: Replace DNS client based on acutil with python-dns

IPA client and server tool set used authconfig acutil module to
for client DNS operations. This is not optimal DNS interface for
several reasons:
- does not provide native Python object oriented interface
  but but rather C-like interface based on functions and
  structures which is not easy to use and extend
- acutil is not meant to be used by third parties besides
  authconfig and thus can break without notice

Replace the acutil with python-dns package which has a feature rich
interface for dealing with all different aspects of DNS including
DNSSEC. The main target of this patch is to replace all uses of
acutil DNS library with a use python-dns. In most cases, even
though the larger parts of the code are changed, the actual
functionality is changed only in the following cases:
- redundant DNS checks were removed from verify_fqdn function
  in installutils to make the whole DNS check simpler and
  less error-prone. Logging was improves for the remaining
  checks
- improved logging for ipa-client-install DNS discovery

https://fedorahosted.org/freeipa/ticket/2730
https://fedorahosted.org/freeipa/ticket/1837
---
 freeipa.spec.in | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

(limited to 'freeipa.spec.in')

diff --git a/freeipa.spec.in b/freeipa.spec.in
index a1e43a0ad..de93aecb6 100644
--- a/freeipa.spec.in
+++ b/freeipa.spec.in
@@ -59,7 +59,6 @@ BuildRequires:  m4
 BuildRequires:  libtool
 BuildRequires:  gettext
 BuildRequires:  python-devel
-BuildRequires:  authconfig
 BuildRequires:  python-ldap
 BuildRequires:  python-setuptools
 BuildRequires:  python-krbV
@@ -79,6 +78,7 @@ BuildRequires:  python-memcached
 BuildRequires:  sssd >= 1.8.0
 BuildRequires:  python-lxml
 BuildRequires:  python-pyasn1 >= 0.0.9a
+BuildRequires:  python-dns
 
 %description
 IPA is an integrated solution to provide centrally managed Identity (machine,
@@ -151,6 +151,7 @@ Requires(postun): python systemd-units
 Requires(preun):  python initscripts chkconfig
 Requires(postun): python initscripts chkconfig
 %endif
+Requires: python-dns
 
 # We have a soft-requires on bind. It is an optional part of
 # IPA but if it is configured we need a way to require versions
@@ -220,6 +221,7 @@ Requires: nss-tools
 Requires: bind-utils
 Requires: oddjob-mkhomedir
 Requires: python-krbV
+Requires: python-dns
 
 Obsoletes: ipa-client >= 1.0
 
@@ -256,7 +258,6 @@ Group: System Environment/Libraries
 %if 0%{?fedora} >= 12 || 0%{?rhel} >= 6
 Requires: python-kerberos >= 1.1-3
 %endif
-Requires: authconfig
 Requires: gnupg
 Requires: iproute
 Requires: pyOpenSSL
@@ -683,6 +684,9 @@ fi
 %ghost %attr(0644,root,apache) %config(noreplace) %{_sysconfdir}/ipa/ca.crt
 
 %changelog
+* Fri May 11 2012 Martin Kosek <mkosek@redhat.com> - 2.99.0-29
+- Replace used DNS client library (acutil) with python-dns
+
 * Tue Apr 10 2012 Rob Crittenden <rcritten@redhat.com> - 2.99.0-28
 - Set min for selinux-policy to 3.10.0-110 on F-17 to pick up certmonger
   policy for restarting services.
-- 
cgit