From ff7b44e3b09b2e94fde66f918a6d1fb6db043d80 Mon Sep 17 00:00:00 2001 From: Martin Basti Date: Mon, 30 Jun 2014 17:17:02 +0200 Subject: Remove NSEC3PARAM record Revert 5b95be802c6aa12b9464813441f85eaee3e3e82b Ticket: https://fedorahosted.org/freeipa/ticket/4413 Reviewed-By: Petr Vobornik --- ipalib/plugins/dns.py | 48 +++--------------------------------------------- 1 file changed, 3 insertions(+), 45 deletions(-) (limited to 'ipalib/plugins/dns.py') diff --git a/ipalib/plugins/dns.py b/ipalib/plugins/dns.py index a394d0ac1..d3141f573 100644 --- a/ipalib/plugins/dns.py +++ b/ipalib/plugins/dns.py @@ -1229,34 +1229,7 @@ class NSEC3Record(DNSRecord): class NSEC3PARAMRecord(DNSRecord): rrtype = 'NSEC3PARAM' rfc = 5155 - parts = ( - Int('algorithm', - label=_('Algorithm'), - minvalue=0, - maxvalue=255, - ), - Int('flags', - label=_('Flags'), - minvalue=0, - maxvalue=255, - default=0, - ), - Int('iterations', - label=_('Iterations'), - minvalue=0, - maxvalue=65535, - ), - Str('salt', - label=_('Salt'), - doc=_('A hexadecimal salt value. Requires hexadecimal digits ' - 'or hyphen ("-") if no salt is required'), - minlength=1, - default=u'-', # no salt - pattern=r'^([0-9a-fA-F]+|-)$', - pattern_errmsg=u'only hexadecimal digits or single hyphen ("-") ' - u'are allowed' - ), - ) + supported = False def _validate_naptr_flags(ugettext, flags): allowed_flags = u'SAUP' @@ -2150,7 +2123,7 @@ class dnszone(DNSZoneBase): 'idnssoaretry', 'idnssoarname', 'idnssoaserial', 'idnsupdatepolicy', 'idnszoneactive', 'keyrecord', 'kxrecord', 'locrecord', 'managedby', 'mdrecord', 'minforecord', - 'mxrecord', 'naptrrecord', 'nsecrecord', 'nsec3paramrecord', + 'mxrecord', 'naptrrecord', 'nsecrecord', 'nsrecord', 'nxtrecord', 'ptrrecord', 'rrsigrecord', 'sigrecord', 'srvrecord', 'sshfprecord', 'tlsarecord', 'txtrecord', @@ -2184,7 +2157,7 @@ class dnszone(DNSZoneBase): 'idnssoaretry', 'idnssoarname', 'idnssoaserial', 'idnsupdatepolicy', 'idnszoneactive', 'keyrecord', 'kxrecord', 'locrecord', 'managedby', 'mdrecord', 'minforecord', - 'mxrecord', 'naptrrecord', 'nsecrecord', 'nsec3paramrecord', + 'mxrecord', 'naptrrecord', 'nsecrecord', 'nsrecord', 'nxtrecord', 'ptrrecord', 'rrsigrecord', 'sigrecord', 'srvrecord', 'sshfprecord', 'tlsarecord', 'txtrecord', @@ -2496,13 +2469,6 @@ class dnsrecord(LDAPObject): for nsrecord in nsrecords: check_ns_rec_resolvable(keys[0], DNSName(nsrecord)) - def _nsec3paramrecord_pre_callback(self, ldap, dn, entry_attrs, *keys, **options): - assert isinstance(dn, DN) - nsec3paramrecord = entry_attrs.get('nsec3paramrecord') - if nsec3paramrecord and not self.is_pkey_zone_record(*keys): - raise errors.ValidationError(name='nsec3paramrecord', - error=unicode(_('must be in zone record'))) - def _idnsname_pre_callback(self, ldap, dn, entry_attrs, *keys, **options): assert isinstance(dn, DN) if keys[-1].is_absolute(): @@ -2789,14 +2755,6 @@ class dnsrecord(LDAPObject): 'NS record except when located in a zone root ' 'record (RFC 6672, section 2.3)')) - # NSEC3PARAM record validation - nsec3params = rrattrs.get('nsec3paramrecord') - if nsec3params is not None: - if len(nsec3params) > 1: - raise errors.ValidationError(name='nsec3paramrecord', - error=_('Only one NSEC3PARAM record is ' - 'allowed per zone')) - def _entry2rrsets(self, entry_attrs, dns_name, dns_domain): '''Convert entry_attrs to a dictionary {rdtype: rrset}. -- cgit