diff options
author | Petr Spacek <pspacek@redhat.com> | 2016-05-17 17:06:32 +0200 |
---|---|---|
committer | Martin Basti <mbasti@redhat.com> | 2016-05-30 20:14:32 +0200 |
commit | 0c75df4bf3784eae08f41c176bbaab44c6d510a7 (patch) | |
tree | 2b7c1162a64f95c62e6f8cc642dbb51007cc404c /ipapython/dnsutil.py | |
parent | da71e7e9de233bc0e40a90adb2db6d0944a1356a (diff) | |
download | freeipa-0c75df4bf3784eae08f41c176bbaab44c6d510a7.tar.gz freeipa-0c75df4bf3784eae08f41c176bbaab44c6d510a7.tar.xz freeipa-0c75df4bf3784eae08f41c176bbaab44c6d510a7.zip |
Move check_zone_overlap() from ipapython.ipautil to ipapython.dnsutil
This is preparatory work to avoid (future) cyclic import between
ipapython.dnsutil and ipapython.ipautil.
https://fedorahosted.org/freeipa/ticket/5710
Reviewed-By: Martin Basti <mbasti@redhat.com>
Diffstat (limited to 'ipapython/dnsutil.py')
-rw-r--r-- | ipapython/dnsutil.py | 35 |
1 files changed, 35 insertions, 0 deletions
diff --git a/ipapython/dnsutil.py b/ipapython/dnsutil.py index 240b7c9cd..6287e3eef 100644 --- a/ipapython/dnsutil.py +++ b/ipapython/dnsutil.py @@ -19,6 +19,7 @@ import dns.name import dns.exception +import dns.resolver import copy import six @@ -228,3 +229,37 @@ def inside_auto_empty_zone(name): if name.is_subdomain(aez): return True return False + + +def check_zone_overlap(zone, raise_on_error=True): + root_logger.info("Checking DNS domain %s, please wait ..." % zone) + if not isinstance(zone, DNSName): + zone = DNSName(zone).make_absolute() + + # automatic empty zones always exist so checking them is pointless, + # do not report them to avoid meaningless error messages + if is_auto_empty_zone(zone): + return + + try: + containing_zone = dns.resolver.zone_for_name(zone) + except dns.exception.DNSException as e: + msg = ("DNS check for domain %s failed: %s." % (zone, e)) + if raise_on_error: + raise ValueError(msg) + else: + root_logger.warning(msg) + return + + if containing_zone == zone: + try: + ns = [ans.to_text() for ans in dns.resolver.query(zone, 'NS')] + except dns.exception.DNSException as e: + root_logger.debug("Failed to resolve nameserver(s) for domain" + " {0}: {1}".format(zone, e)) + ns = [] + + msg = u"DNS zone {0} already exists in DNS".format(zone) + if ns: + msg += u" and is handled by server(s): {0}".format(', '.join(ns)) + raise ValueError(msg) |