diff options
| author | Martin Basti <mbasti@redhat.com> | 2014-10-21 13:59:42 +0200 |
|---|---|---|
| committer | Petr Vobornik <pvoborni@redhat.com> | 2014-10-21 15:55:09 +0200 |
| commit | 5e1172f560f4a63ed8398f326c158e9c8c1f91a8 (patch) | |
| tree | 0d3bf9533478813ebee25fc4adca32d23189b44e | |
| parent | 20761f7fcd86dbfad53af78bce2bd3892dfe8232 (diff) | |
| download | freeipa-5e1172f560f4a63ed8398f326c158e9c8c1f91a8.tar.gz freeipa-5e1172f560f4a63ed8398f326c158e9c8c1f91a8.tar.xz freeipa-5e1172f560f4a63ed8398f326c158e9c8c1f91a8.zip | |
fix forwarder validation errors
Fix tests, validation in dnsconfig mod, wuser warning
Reviewed-By: Petr Spacek <pspacek@redhat.com>
| -rw-r--r-- | ipalib/plugins/dns.py | 14 | ||||
| -rw-r--r-- | ipaserver/install/bindinstance.py | 6 | ||||
| -rw-r--r-- | ipatests/test_xmlrpc/test_dns_plugin.py | 6 |
3 files changed, 18 insertions, 8 deletions
diff --git a/ipalib/plugins/dns.py b/ipalib/plugins/dns.py index 61b9e3d7a..dd1e640f4 100644 --- a/ipalib/plugins/dns.py +++ b/ipalib/plugins/dns.py @@ -3942,12 +3942,14 @@ class dnsconfig_mod(LDAPUpdate): # test dnssec forwarders non_dnssec_forwarders = [] not_responding_forwarders = [] - for forwarder in options.get('idnsforwarders', []): - dnssec_status = validate_dnssec_forwarder(forwarder) - if dnssec_status is None: - not_responding_forwarders.append(forwarder) - elif dnssec_status is False: - non_dnssec_forwarders.append(forwarder) + forwarders = options.get('idnsforwarders') + if forwarders: + for forwarder in forwarders: + dnssec_status = validate_dnssec_forwarder(forwarder) + if dnssec_status is None: + not_responding_forwarders.append(forwarder) + elif dnssec_status is False: + non_dnssec_forwarders.append(forwarder) result = super(dnsconfig_mod, self).execute(*keys, **options) self.obj.postprocess_result(result) diff --git a/ipaserver/install/bindinstance.py b/ipaserver/install/bindinstance.py index 052665938..6cf018e9c 100644 --- a/ipaserver/install/bindinstance.py +++ b/ipaserver/install/bindinstance.py @@ -464,8 +464,10 @@ def check_forwarders(dns_forwarders, logger): logger.warning("DNS forwarder %s does not return DNSSEC signatures in answers", forwarder) logger.warning("Please fix forwarder configuration to enable DNSSEC support.\n" "(For BIND 9 add directive \"dnssec-enable yes;\" to \"options {}\")") - print ("WARNING: DNS forwarder %s is not configured to support " - "DNSSEC" % forwarder) + print ("WARNING: DNS forwarder %s does not return DNSSEC " + "signatures in answers" % forwarder) + print "Please fix forwarder configuration to enable DNSSEC support." + print "(For BIND 9 add directive \"dnssec-enable yes;\" to \"options {}\")" return forwarders_dnssec_valid diff --git a/ipatests/test_xmlrpc/test_dns_plugin.py b/ipatests/test_xmlrpc/test_dns_plugin.py index 0f9b16ba7..a34d11a32 100644 --- a/ipatests/test_xmlrpc/test_dns_plugin.py +++ b/ipatests/test_xmlrpc/test_dns_plugin.py @@ -1662,6 +1662,12 @@ class test_dns(Declarative): expected={ 'value': None, 'summary': None, + u'messages': ( + {u'message': u'DNS server 172.16.31.80 not responding.', + u'code': 13006, + u'type':u'warning', + u'name': u'DNSServerNotRespondingWarning'}, + ), 'result': { 'idnsforwarders': [fwd_ip], }, |