diff options
author | Petr Spacek <pspacek@redhat.com> | 2015-11-02 09:50:57 +0100 |
---|---|---|
committer | Martin Basti <mbasti@redhat.com> | 2015-11-10 13:47:27 +0100 |
commit | 50b0471f01985d2d43998df1a9c4a73cf5cf47c1 (patch) | |
tree | ab1efb136474688457364806a40af856f6c93544 /ipalib/plugins/dns.py | |
parent | a8c3d6fbb7ac9c5e9f665473bfb7414bb073ae09 (diff) | |
download | freeipa-50b0471f01985d2d43998df1a9c4a73cf5cf47c1.tar.gz freeipa-50b0471f01985d2d43998df1a9c4a73cf5cf47c1.tar.xz freeipa-50b0471f01985d2d43998df1a9c4a73cf5cf47c1.zip |
DNS record-add warns when a suspicious DNS name is detected
Relative name "record.zone" is being added into zone "zone.",
which is probably a mistake. User probably wanted to either specify
relative name "record" or use FQDN "record.zone.".
Reviewed-By: Martin Basti <mbasti@redhat.com>
Diffstat (limited to 'ipalib/plugins/dns.py')
-rw-r--r-- | ipalib/plugins/dns.py | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/ipalib/plugins/dns.py b/ipalib/plugins/dns.py index 48d6f740e..686eb7585 100644 --- a/ipalib/plugins/dns.py +++ b/ipalib/plugins/dns.py @@ -3522,6 +3522,24 @@ class dnsrecord(LDAPObject): _add_warning_fw_zone_is_not_effective(result, fwzone, options['version']) + def warning_suspicious_relative_name(self, result, *keys, **options): + """Detect if zone name is suffix of relative record name and warn. + + Zone name: test.zone. + Relative name: record.test.zone + """ + record_name = keys[-1] + zone = keys[-2] + if not record_name.is_absolute() and record_name.is_subdomain( + zone.relativize(DNSName.root)): + messages.add_message( + options['version'], + result, + messages.DNSSuspiciousRelativeName(record=record_name, + zone=zone, + fqdn=record_name + zone) + ) + @register() class dnsrecord_add(LDAPCreate): @@ -3701,6 +3719,11 @@ class dnsrecord_add(LDAPCreate): return dn + def execute(self, *keys, **options): + result = super(dnsrecord_add, self).execute(*keys, **options) + self.obj.warning_suspicious_relative_name(result, *keys, **options) + return result + def exc_callback(self, keys, options, exc, call_func, *call_args, **call_kwargs): if call_func.__name__ == 'add_entry': if isinstance(exc, errors.DuplicateEntry): |