DNSSEC: Improve global forwarders validation

Validation now provides more detailed information and less false positives failures. https://fedorahosted.org/freeipa/ticket/4657 Reviewed-By: David Kupka <dkupka@redhat.com> Reviewed-By: Petr Spacek <pspacek@redhat.com>
author: Martin Basti <mbasti@redhat.com> 2015-04-22 15:29:21 +0200
committer: Petr Vobornik <pvoborni@redhat.com> 2015-06-11 13:12:31 +0200
commit: 9aa6124b39267148c4c1b9a8ee4209fb859b9c42 (patch)
tree: e92fce6095a192fae928e4ba64b022d68878ab6e /ipalib/messages.py
parent: c9cbb1493a8c9e10020c7f2104a345cd43535259 (diff)
download: freeipa-9aa6124b39267148c4c1b9a8ee4209fb859b9c42.tar.gz
freeipa-9aa6124b39267148c4c1b9a8ee4209fb859b9c42.tar.xz
freeipa-9aa6124b39267148c4c1b9a8ee4209fb859b9c42.zip
1 files changed, 19 insertions, 4 deletions
diff --git a/ipalib/messages.py b/ipalib/messages.py
index b44beca72..236b683b3 100644
--- a/ipalib/messages.py
+++ b/ipalib/messages.py
@@ -179,14 +179,14 @@ class OptionSemanticChangedWarning(PublicMessage):
                u"%(hint)s")
 
 
-class DNSServerNotRespondingWarning(PublicMessage):
+class DNSServerValidationWarning(PublicMessage):
     """
-    **13006**  Used when a DNS server is not responding to queries
+    **13006**  Used when a DNS server is not to able to resolve query
     """
 
     errno = 13006
     type = "warning"
-    format = _(u"DNS server %(server)s not responding.")
+    format = _(u"DNS server %(server)s: %(error)s.")
 
 
 class DNSServerDoesNotSupportDNSSECWarning(PublicMessage):
@@ -196,10 +196,11 @@ class DNSServerDoesNotSupportDNSSECWarning(PublicMessage):
 
     errno = 13007
     type = "warning"
-    format = _(u"DNS server %(server)s does not support DNSSEC. "
+    format = _(u"DNS server %(server)s does not support DNSSEC: %(error)s.\n"
                u"If DNSSEC validation is enabled on IPA server(s), "
                u"please disable it.")
 
+
 class ForwardzoneIsNotEffectiveWarning(PublicMessage):
     """
     **13008** Forwardzone is not effective, forwarding will not work because
@@ -214,6 +215,20 @@ class ForwardzoneIsNotEffectiveWarning(PublicMessage):
                u"\"%(ns_rec)s\" to parent zone \"%(authzone)s\".")
 
 
+class DNSServerDoesNotSupportEDNS0Warning(PublicMessage):
+    """
+    **13009** Used when a DNS server does not support EDNS0, required for
+    DNSSEC support
+    """
+
+    errno = 13009
+    type = "warning"
+    format = _(u"DNS server %(server)s does not support EDNS0 (RFC 6891): "
+               u"%(error)s.\n"
+               u"If DNSSEC validation is enabled on IPA server(s), "
+               u"please disable it.")
+
+
 def iter_messages(variables, base):
     """Return a tuple with all subclasses
     """
author	Martin Basti <mbasti@redhat.com>	2015-04-22 15:29:21 +0200
committer	Petr Vobornik <pvoborni@redhat.com>	2015-06-11 13:12:31 +0200
commit	9aa6124b39267148c4c1b9a8ee4209fb859b9c42 (patch)
tree	e92fce6095a192fae928e4ba64b022d68878ab6e /ipalib/messages.py
parent	c9cbb1493a8c9e10020c7f2104a345cd43535259 (diff)
download	freeipa-9aa6124b39267148c4c1b9a8ee4209fb859b9c42.tar.gz freeipa-9aa6124b39267148c4c1b9a8ee4209fb859b9c42.tar.xz freeipa-9aa6124b39267148c4c1b9a8ee4209fb859b9c42.zip