Improve DNS record data validation

Implement missing validators for DNS RR types so that we can capture
at least basic user errors. Additionally, a normalizer creating
a fully-qualified domain name has been implemented for several RRs
where name server may mis-interpret the domain name otherwise.

Unit tests exercising these new validators for the most common
RR types have been added. This patch also consolidates hard-coded
values in DNS test to one place.

https://fedorahosted.org/freeipa/ticket/1106

1 files changed, 17 insertions, 0 deletions

diff --git a/ipalib/util.py b/ipalib/util.py
index fa93cc75..7a4d256d 100644
--- a/ipalib/util.py
+++ b/ipalib/util.py
@@ -233,3 +233,20 @@ def validate_zonemgr(zonemgr):
 
     if not all(regex_domain.match(part) for part in domain.split(".")):
         raise ValueError(_('domain name may only include letters, numbers, and -'))
+
+def validate_hostname(hostname):
+    """ See RFC 952, 1123"""
+    regex_name = re.compile(r'^[a-z0-9]([a-z0-9-]?[a-z0-9])*$', re.IGNORECASE)
+
+    if len(hostname) > 255:
+        raise ValueError(_('cannot be longer that 255 characters'))
+
+    if hostname.endswith('.'):
+        hostname = hostname[:-1]
+
+    if '.' not in hostname:
+        raise ValueError(_('hostname is not fully qualified'))
+
+    if not all(regex_name.match(part) for part in hostname.split(".")):
+        raise ValueError(_('hostname parts may only include letters, numbers, and - ' \
+                           '(which is not allowed as the last character)'))