Add --zonemgr/--admin-mail validator

Do at least a basic validation of DNS zone manager mail address.

Do not require '@' to be in the mail address as the SOA record
stores this value without it and people may be used to configure
it that way. '@' is always removed by the installer/dns plugin before
the DNS zone is created.

https://fedorahosted.org/freeipa/ticket/1966

1 files changed, 17 insertions, 0 deletions

diff --git a/ipaserver/install/bindinstance.py b/ipaserver/install/bindinstance.py
index ddf549770..7330264fe 100644
--- a/ipaserver/install/bindinstance.py
+++ b/ipaserver/install/bindinstance.py
@@ -32,6 +32,8 @@ from ipaserver.install.installutils import resolve_host
 from ipapython import sysrestore
 from ipapython import ipautil
 from ipalib.constants import DNS_ZONE_REFRESH
+from ipalib.parameters import IA5Str
+from ipalib.util import validate_zonemgr
 
 import ipalib
 from ipalib import api, util, errors
@@ -286,6 +288,21 @@ def get_rr(zone, name, type):
 
     return []
 
+def zonemgr_callback(option, opt_str, value, parser):
+    """
+    Properly validate and convert --zonemgr Option to IA5String
+    """
+    # validate the value first
+    try:
+        validate_zonemgr(value)
+    except ValueError, e:
+        parser.error("invalid zonemgr: " + unicode(e))
+
+    name = opt_str.replace('--','')
+    v = unicode(value, 'utf-8')
+    ia = IA5Str(name)
+    ia._convert_scalar(v)
+    parser.values.zonemgr = value
 
 class DnsBackup(object):
     def __init__(self, service):