From 6e7815a30e6897967b3c7e50f98f23c8a89c3b03 Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jhrozek@redhat.com>
Date: Fri, 18 Feb 2011 11:00:36 +0100
Subject: Validate NAPTR records

https://fedorahosted.org/freeipa/ticket/840
---
 API.txt               |  8 ++++----
 ipalib/plugins/dns.py | 26 ++++++++++++++++++++++++++
 2 files changed, 30 insertions(+), 4 deletions(-)

diff --git a/API.txt b/API.txt
index b7ea174c..56cbb8b2 100644
--- a/API.txt
+++ b/API.txt
@@ -515,7 +515,7 @@ option: List('keyrecord?', attribute=True, cli_name='key_rec',ist('keyrecord?',
 option: List('kxrecord?', attribute=True, cli_name='kx_rec',ist('kxrecord?', attribute=True, cli_name='kx_rec', doc='comma-separated list of KX records', label='KX record', multivalue=True)
 option: List('locrecord?', attribute=True, cli_name='loc_rec',ist('locrecord?', attribute=True, cli_name='loc_rec', doc='comma-separated list of LOC records', label='LOC record', multivalue=True)
 option: List('mxrecord?', _validate_mx, attribute=True, cli_name='mx_rec',ist('mxrecord?', _validate_mx, attribute=True, cli_name='mx_rec', doc='comma-separated list of MX records', label='MX record', multivalue=True)
-option: List('naptrrecord?', attribute=True, cli_name='naptr_rec',ist('naptrrecord?', attribute=True, cli_name='naptr_rec', doc='comma-separated list of NAPTR records', label='NAPTR record', multivalue=True)
+option: List('naptrrecord?', _validate_naptr, attribute=True, cli_name='naptr_rec',ist('naptrrecord?', _validate_naptr, attribute=True, cli_name='naptr_rec', doc='comma-separated list of NAPTR records', label='NAPTR record', multivalue=True)
 option: List('nsrecord?', attribute=True, cli_name='ns_rec',ist('nsrecord?', attribute=True, cli_name='ns_rec', doc='comma-separated list of NS records', label='NS record', multivalue=True)
 option: List('nsecrecord?', attribute=True, cli_name='nsec_rec',ist('nsecrecord?', attribute=True, cli_name='nsec_rec', doc='comma-separated list of NSEC records', label='NSEC record', multivalue=True)
 option: List('nsec3record?', attribute=True, cli_name='nsec3_rec',ist('nsec3record?', attribute=True, cli_name='nsec3_rec', doc='comma-separated list of NSEC3 records', label='NSEC3 record', multivalue=True)
@@ -559,7 +559,7 @@ option: List('keyrecord?', attribute=True, cli_name='key_rec',ist('keyrecord?',
 option: List('kxrecord?', attribute=True, cli_name='kx_rec',ist('kxrecord?', attribute=True, cli_name='kx_rec', doc='comma-separated list of KX records', label='KX record', multivalue=True)
 option: List('locrecord?', attribute=True, cli_name='loc_rec',ist('locrecord?', attribute=True, cli_name='loc_rec', doc='comma-separated list of LOC records', label='LOC record', multivalue=True)
 option: List('mxrecord?', _validate_mx, attribute=True, cli_name='mx_rec',ist('mxrecord?', _validate_mx, attribute=True, cli_name='mx_rec', doc='comma-separated list of MX records', label='MX record', multivalue=True)
-option: List('naptrrecord?', attribute=True, cli_name='naptr_rec',ist('naptrrecord?', attribute=True, cli_name='naptr_rec', doc='comma-separated list of NAPTR records', label='NAPTR record', multivalue=True)
+option: List('naptrrecord?', _validate_naptr, attribute=True, cli_name='naptr_rec',ist('naptrrecord?', _validate_naptr, attribute=True, cli_name='naptr_rec', doc='comma-separated list of NAPTR records', label='NAPTR record', multivalue=True)
 option: List('nsrecord?', attribute=True, cli_name='ns_rec',ist('nsrecord?', attribute=True, cli_name='ns_rec', doc='comma-separated list of NS records', label='NS record', multivalue=True)
 option: List('nsecrecord?', attribute=True, cli_name='nsec_rec',ist('nsecrecord?', attribute=True, cli_name='nsec_rec', doc='comma-separated list of NSEC records', label='NSEC record', multivalue=True)
 option: List('nsec3record?', attribute=True, cli_name='nsec3_rec',ist('nsec3record?', attribute=True, cli_name='nsec3_rec', doc='comma-separated list of NSEC3 records', label='NSEC3 record', multivalue=True)
@@ -604,7 +604,7 @@ option: List('keyrecord?', attribute=True, cli_name='key_rec',ist('keyrecord?',
 option: List('kxrecord?', attribute=True, cli_name='kx_rec',ist('kxrecord?', attribute=True, cli_name='kx_rec', doc='comma-separated list of KX records', label='KX record', multivalue=True)
 option: List('locrecord?', attribute=True, cli_name='loc_rec',ist('locrecord?', attribute=True, cli_name='loc_rec', doc='comma-separated list of LOC records', label='LOC record', multivalue=True)
 option: List('mxrecord?', _validate_mx, attribute=True, cli_name='mx_rec',ist('mxrecord?', _validate_mx, attribute=True, cli_name='mx_rec', doc='comma-separated list of MX records', label='MX record', multivalue=True)
-option: List('naptrrecord?', attribute=True, cli_name='naptr_rec',ist('naptrrecord?', attribute=True, cli_name='naptr_rec', doc='comma-separated list of NAPTR records', label='NAPTR record', multivalue=True)
+option: List('naptrrecord?', _validate_naptr, attribute=True, cli_name='naptr_rec',ist('naptrrecord?', _validate_naptr, attribute=True, cli_name='naptr_rec', doc='comma-separated list of NAPTR records', label='NAPTR record', multivalue=True)
 option: List('nsrecord?', attribute=True, cli_name='ns_rec',ist('nsrecord?', attribute=True, cli_name='ns_rec', doc='comma-separated list of NS records', label='NS record', multivalue=True)
 option: List('nsecrecord?', attribute=True, cli_name='nsec_rec',ist('nsecrecord?', attribute=True, cli_name='nsec_rec', doc='comma-separated list of NSEC records', label='NSEC record', multivalue=True)
 option: List('nsec3record?', attribute=True, cli_name='nsec3_rec',ist('nsec3record?', attribute=True, cli_name='nsec3_rec', doc='comma-separated list of NSEC3 records', label='NSEC3 record', multivalue=True)
@@ -661,7 +661,7 @@ option: List('keyrecord', attribute=True, cli_name='key_rec',ist('keyrecord', at
 option: List('kxrecord', attribute=True, cli_name='kx_rec',ist('kxrecord', attribute=True, cli_name='kx_rec', doc='comma-separated list of KX records', label='KX record', multivalue=True, query=True, required=False)
 option: List('locrecord', attribute=True, cli_name='loc_rec',ist('locrecord', attribute=True, cli_name='loc_rec', doc='comma-separated list of LOC records', label='LOC record', multivalue=True, query=True, required=False)
 option: List('mxrecord', _validate_mx, attribute=True, cli_name='mx_rec',ist('mxrecord', _validate_mx, attribute=True, cli_name='mx_rec', doc='comma-separated list of MX records', label='MX record', multivalue=True, query=True, required=False)
-option: List('naptrrecord', attribute=True, cli_name='naptr_rec',ist('naptrrecord', attribute=True, cli_name='naptr_rec', doc='comma-separated list of NAPTR records', label='NAPTR record', multivalue=True, query=True, required=False)
+option: List('naptrrecord', _validate_naptr, attribute=True, cli_name='naptr_rec',ist('naptrrecord', _validate_naptr, attribute=True, cli_name='naptr_rec', doc='comma-separated list of NAPTR records', label='NAPTR record', multivalue=True, query=True, required=False)
 option: List('nsrecord', attribute=True, cli_name='ns_rec',ist('nsrecord', attribute=True, cli_name='ns_rec', doc='comma-separated list of NS records', label='NS record', multivalue=True, query=True, required=False)
 option: List('nsecrecord', attribute=True, cli_name='nsec_rec',ist('nsecrecord', attribute=True, cli_name='nsec_rec', doc='comma-separated list of NSEC records', label='NSEC record', multivalue=True, query=True, required=False)
 option: List('nsec3record', attribute=True, cli_name='nsec3_rec',ist('nsec3record', attribute=True, cli_name='nsec3_rec', doc='comma-separated list of NSEC3 records', label='NSEC3 record', multivalue=True, query=True, required=False)
diff --git a/ipalib/plugins/dns.py b/ipalib/plugins/dns.py
index ed2f955c..a18940b3 100644
--- a/ipalib/plugins/dns.py
+++ b/ipalib/plugins/dns.py
@@ -155,12 +155,38 @@ def _validate_mx(ugettext, mx):
 
     return None
 
+def _validate_naptr(ugettext, naptr):
+    "see RFC 2915 "
+    try:
+        order, pref, flags, svc, regexp, replacement = naptr.split()
+    except ValueError:
+        return u'format must be specified as "order preference flags service regexp replacement"'
+
+    try:
+        order = int(order)
+        pref = int(pref)
+    except ValueError:
+        return u'order and preference must be integers'
+
+    if order < 0 or order > 65535 or pref < 0 or pref > 65535:
+        return u'the value of order and preference must be between 0 and 65535'
+
+    flags = flags.replace('"','')
+    flags = flags.replace('\'','')
+    if len(flags) != 1:
+        return u'flag must be a single character (quotation is allowed)'
+    if flags.upper() not in "SAUP":
+        return u'flag must be one of "S", "A", "U", or "P"'
+
+    return None
+
 _record_validators = {
     u'A': _validate_ipaddr,
     u'AAAA': _validate_ipaddr,
     u'APL': _validate_ipnet,
     u'SRV': _validate_srv,
     u'MX': _validate_mx,
+    u'NAPTR': _validate_naptr,
 }
 
 def has_cli_options(entry, no_option_msg):
-- 
cgit