From d6d12e9dc597d6637ae49057a44b51476ff876b0 Mon Sep 17 00:00:00 2001
From: Rob Crittenden
Date: Tue, 26 Feb 2008 13:51:56 -0500
Subject: Require that service principals resolve to a DNS A record. There is a --force option for those who know what they are doing. 433483
---
 ipa-python/ipaclient.py | 4 ++--
 ipa-python/ipaerror.py | 5 +++++
 ipa-python/rpcclient.py | 4 ++--
 3 files changed, 9 insertions(+), 4 deletions(-)
(limited to 'ipa-python')
diff --git a/ipa-python/ipaclient.py b/ipa-python/ipaclient.py
index 83cdf0e6b..b685be38c 100644
--- a/ipa-python/ipaclient.py
+++ b/ipa-python/ipaclient.py
@@ -381,8 +381,8 @@ class IPAClient:
 result = self.transport.update_password_policy(policy.origDataDict(), policy.toDict())
 return result
- def add_service_principal(self, princ_name):
- return self.transport.add_service_principal(princ_name)
+ def add_service_principal(self, princ_name, force):
+ return self.transport.add_service_principal(princ_name, force)
 def delete_service_principal(self, principal_dn):
 return self.transport.delete_service_principal(principal_dn)
diff --git a/ipa-python/ipaerror.py b/ipa-python/ipaerror.py
index 570cbb938..c5ed7e778 100644
--- a/ipa-python/ipaerror.py
+++ b/ipa-python/ipaerror.py
@@ -143,6 +143,11 @@ INPUT_SAME_GROUP = gen_error_code(
 0x0002,
 "You can't add a group to itself")
+INPUT_NOT_DNS_A_RECORD = gen_error_code(
+ INPUT_CATEGORY,
+ 0x0003,
+ "The requested hostname is not a DNS A record. This is required by Kerberos.")
+
 #
 # Connection errors
 #
diff --git a/ipa-python/rpcclient.py b/ipa-python/rpcclient.py
index 2359c5d65..c3835568f 100644
--- a/ipa-python/rpcclient.py
+++ b/ipa-python/rpcclient.py
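Review bot: `force` is added to `IPAClient.add_service_principal` as a required positional argument, so any existing caller that passes only `princ_name` now fails with a TypeError, and nothing on the client side makes the checked path the default. Because the flag turns off the DNS A record requirement named in the commit message, give it a fail-closed default: `def add_service_principal(self, princ_name, force=False):`. The same applies to `RPCClient.add_service_principal` in the rpcclient.py hunk. The server-side handler is not part of this diff; presumably the check is enforced there, and it would need the same default so that a client sending one argument does not fault.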
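Review bot: The text of `INPUT_NOT_DNS_A_RECORD` says the hostname "is not a DNS A record", which does not tell the administrator what was actually checked. Something like `"The requested hostname does not resolve to a DNS A record. This is required by Kerberos."` states the failed condition directly. Only `0x0002` is visible in this hunk, so it is worth confirming that `0x0003` is not already used elsewhere in `INPUT_CATEGORY`. A short comment above the constant, for example `# Raised by add_service_principal unless force is set`, would tie the code to the one call that is expected to return it.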
@@ -704,11 +704,11 @@ class RPCClient:
 return ipautil.unwrap_binary_data(result)
- def add_service_principal(self, princ_name):
+ def add_service_principal(self, princ_name, force):
 server = self.setup_server()
 try:
- result = server.add_service_principal(princ_name)
+ result = server.add_service_principal(princ_name, force)
 except xmlrpclib.Fault, fault:
 raise ipaerror.gen_exception(fault.faultCode, fault.faultString)
 except socket.error, (value, msg):
-- cgit
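Review bot: `RPCClient.add_service_principal` now forwards a flag that switches off a validation step, but the method has no docstring saying what `force` does or what value it expects. Add one, for example `"""Add a service principal; force=True skips the check that the host resolves to a DNS A record."""`. It should also say that callers must pass a real boolean: the value is marshalled as given, and the server presumably treats any truthy value as a request to bypass the check. The method's exception handling continues past the end of this hunk.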