From 42c401a87795fe3a2067155460ae276ad2d3e360 Mon Sep 17 00:00:00 2001 From: Martin Kosek Date: Tue, 2 Apr 2013 11:58:31 +0200 Subject: Improve CNAME record validation Refactor DNS RR conflict validator so that it is better extensible in the future. Also check that there is only one CNAME defined for a DNS record. PTR+CNAME record combination is no longer allowed as we found out it does not make sense to have this combination. https://fedorahosted.org/freeipa/ticket/3450 --- tests/test_xmlrpc/test_dns_plugin.py | 38 +++++++++++++----------------------- 1 file changed, 14 insertions(+), 24 deletions(-) (limited to 'tests/test_xmlrpc') diff --git a/tests/test_xmlrpc/test_dns_plugin.py b/tests/test_xmlrpc/test_dns_plugin.py index 945bca384..2e7d5466a 100644 --- a/tests/test_xmlrpc/test_dns_plugin.py +++ b/tests/test_xmlrpc/test_dns_plugin.py @@ -773,7 +773,8 @@ class test_dns(Declarative): desc='Try to add CNAME record to %r using dnsrecord_add' % (dnsres1), command=('dnsrecord_add', [dnszone1, dnsres1], {'cnamerecord': u'foo-1.example.com.'}), expected=errors.ValidationError(name='cnamerecord', - error=u'CNAME record is not allowed to coexist with any other records except PTR'), + error=u'CNAME record is not allowed to coexist with any other ' + u'record (RFC 1034, section 3.6.2)'), ), dict( @@ -784,6 +785,14 @@ class test_dns(Declarative): u'are allowed. DNS label may not start or end with -'), ), + dict( + desc='Try to add multiple CNAME record %r using dnsrecord_add' % (dnsrescname), + command=('dnsrecord_add', [dnszone1, dnsrescname], {'cnamerecord': + [u'1.example.com.', u'2.example.com.']}), + expected=errors.ValidationError(name='cnamerecord', + error=u'only one CNAME record is allowed per name (RFC 2136, section 1.1.5)'), + ), + dict( desc='Add CNAME record to %r using dnsrecord_add' % (dnsrescname), command=('dnsrecord_add', [dnszone1, dnsrescname], {'cnamerecord': u'foo-1.example.com.'}), @@ -803,14 +812,16 @@ class test_dns(Declarative): desc='Try to add other record to CNAME record %r using dnsrecord_add' % (dnsrescname), command=('dnsrecord_add', [dnszone1, dnsrescname], {'arecord': u'10.0.0.1'}), expected=errors.ValidationError(name='cnamerecord', - error=u'CNAME record is not allowed to coexist with any other records except PTR'), + error=u'CNAME record is not allowed to coexist with any other ' + u'record (RFC 1034, section 3.6.2)'), ), dict( desc='Try to add other record to CNAME record %r using dnsrecord_mod' % (dnsrescname), command=('dnsrecord_mod', [dnszone1, dnsrescname], {'arecord': u'10.0.0.1'}), expected=errors.ValidationError(name='cnamerecord', - error=u'CNAME record is not allowed to coexist with any other records except PTR'), + error=u'CNAME record is not allowed to coexist with any other ' + u'record (RFC 1034, section 3.6.2)'), ), dict( @@ -1062,22 +1073,6 @@ class test_dns(Declarative): }, ), - dict( - desc='Test that CNAME/PTR record type combination in record %r is allowed' % (dnsrev1), - command=('dnsrecord_add', [revdnszone1, dnsrev1], {'cnamerecord': u'foo-1.example.com.' }), - expected={ - 'value': dnsrev1, - 'summary': None, - 'result': { - 'objectclass': objectclasses.dnsrecord, - 'dn': dnsrev1_dn, - 'idnsname': [dnsrev1], - 'ptrrecord': [u'foo-1.example.com.'], - 'cnamerecord': [u'foo-1.example.com.'], - }, - }, - ), - dict( desc='Show record %r in zone %r with --structured and --all options'\ % (dnsrev1, revdnszone1), @@ -1096,11 +1091,6 @@ class test_dns(Declarative): 'dnsdata': u'foo-1.example.com.', 'ptr_part_hostname': u'foo-1.example.com.' }, - { - 'dnstype': u'CNAME', - 'dnsdata': u'foo-1.example.com.', - 'cname_part_hostname': u'foo-1.example.com.' - } ], }, }, -- cgit