summaryrefslogtreecommitdiffstats
path: root/ipalib/plugins/dns.py
Commit message (Collapse)AuthorAgeFilesLines
* Fix warning message should not contain CLI commandsMartin Basti2014-11-191-5/+4
| | | | | | | Message is now universal for both CLI and WebUI Ticket: https://fedorahosted.org/freeipa/ticket/4647 Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
* fix forwarder validation errorsMartin Basti2014-10-211-6/+8
| | | | | | Fix tests, validation in dnsconfig mod, wuser warning Reviewed-By: Petr Spacek <pspacek@redhat.com>
* DNSSEC: change link to ipa pageMartin Basti2014-10-211-3/+1
| | | | | | | | | | | | Tickets: https://fedorahosted.org/freeipa/ticket/3801 https://fedorahosted.org/freeipa/ticket/4417 Design: https://fedorahosted.org/bind-dyndb-ldap/wiki/BIND9/Design/DNSSEC Reviewed-By: Jan Cholasta <jcholast@redhat.com> Reviewed-By: David Kupka <dkupka@redhat.com>
* DNSSEC: ACIMartin Basti2014-10-211-0/+53
| | | | | | | | | | | | Tickets: https://fedorahosted.org/freeipa/ticket/3801 https://fedorahosted.org/freeipa/ticket/4417 Design: https://fedorahosted.org/bind-dyndb-ldap/wiki/BIND9/Design/DNSSEC Reviewed-By: Jan Cholasta <jcholast@redhat.com> Reviewed-By: David Kupka <dkupka@redhat.com>
* DNSSEC: validate forwardersMartin Basti2014-10-211-1/+33
| | | | | | | | | | | | Tickets: https://fedorahosted.org/freeipa/ticket/3801 https://fedorahosted.org/freeipa/ticket/4417 Design: https://fedorahosted.org/bind-dyndb-ldap/wiki/BIND9/Design/DNSSEC Reviewed-By: Jan Cholasta <jcholast@redhat.com> Reviewed-By: David Kupka <dkupka@redhat.com>
* Remove --ip-address, --name-server otpions from DNS helpMartin Basti2014-09-261-5/+2
| | | | | Ticket: https://fedorahosted.org/freeipa/ticket/4149 Reviewed-By: Martin Kosek <mkosek@redhat.com>
* DNS: autofill admin emailMartin Basti2014-09-251-6/+5
| | | | | | | | | Admins email (SOA RNAME) is autofilled with value 'hostmaster'. Bind will automaticaly append zone part. Part of ticket: https://fedorahosted.org/freeipa/ticket/4149 Reviewed-By: Petr Spacek <pspacek@redhat.com>
* Deprecation of --name-server and --ip-address option in DNSMartin Basti2014-09-251-81/+73
| | | | | | | | | | | | | Option --name-server is changing only SOA MNAME, this option has no more effect to NS records Option --ip-addres is just ignored A warning message is sent after use these options Part of ticket: https://fedorahosted.org/freeipa/ticket/4149 Reviewed-By: Petr Spacek <pspacek@redhat.com>
* Fix DNS plugin to allow to add root zoneMartin Basti2014-09-251-24/+32
| | | | | Ticket: https://fedorahosted.org/freeipa/ticket/4149 Reviewed-By: Petr Spacek <pspacek@redhat.com>
* DNS: remove --class optionMartin Basti2014-09-251-4/+5
| | | | | | | | This option haven't been working, it is time to remove it. Ticket: https://fedorahosted.org/freeipa/ticket/3414 Reviewed-By: Petr Vobornik <pvoborni@redhat.com> Reviewed-By: Petr Spacek <pspacek@redhat.com>
* dnszone-remove-permission should raise errorMartin Basti2014-09-251-4/+1
| | | | | | | dnszone-remove-permission should raise NotFound error if permission was not found (regression of 21c829ff). Reviewed-By: Martin Kosek <mkosek@redhat.com>
* FIX DNS wildcard records (RFC4592)Martin Basti2014-09-051-0/+22
| | | | | | | | | | Make validation more strict * DS, NS, DNAME owners should not be a wildcard domanin name * zone name should not be a wildcard domain name Ticket: https://fedorahosted.org/freeipa/ticket/4488 Reviewed-By: Petr Spacek <pspacek@redhat.com>
* DNS fix NS record coexistence validatorMartin Basti2014-09-051-6/+17
| | | | | | | NS can coexistent only with A, AAAA, DS, NS record Reviewed-By: Petr Spacek <pspacek@redhat.com> Reviewed-By: Martin Kosek <mkosek@redhat.com>
* DNSSEC: fix DS record validationMartin Basti2014-09-051-36/+63
| | | | | | | Part of: https://fedorahosted.org/freeipa/ticket/3801 Reviewed-By: Petr Spacek <pspacek@redhat.com> Reviewed-By: Martin Kosek <mkosek@redhat.com>
* Fix dnsrecord-mod raise error if last record attr is removedMartin Basti2014-09-051-0/+7
| | | | | | Removing last record attribute causes output type validation error Reviewed-By: Jan Cholasta <jcholast@redhat.com>
* Fix typos in dns.pyGabe2014-07-181-3/+3
| | | | | | https://fedorahosted.org/freeipa/ticket/4429 Reviewed-By: Nathaniel McCallum <npmccallum@redhat.com>
* Non IDNA zonename should be normalized to lowercaseMartin Basti2014-07-041-0/+10
| | | | | | Before IDNA support zone was normalized. Reviewed-By: Petr Spacek <pspacek@redhat.com>
* Fix incompatible permission name *zone-delMartin Basti2014-07-031-14/+19
| | | | | | Fixes ticket: https://fedorahosted.org/freeipa/ticket/4383 Reviewed-By: Petr Spacek <pspacek@redhat.com>
* Split dns docstringMartin Basti2014-07-031-47/+47
| | | | Reviewed-By: Petr Spacek <pspacek@redhat.com>
* Help for forward zonesMartin Basti2014-07-031-12/+51
| | | | | Ticket: https://fedorahosted.org/freeipa/ticket/3210 Reviewed-By: Petr Spacek <pspacek@redhat.com>
* Use documentation addresses in dns helpMartin Basti2014-07-031-15/+15
| | | | Reviewed-By: Petr Spacek <pspacek@redhat.com>
* Add DNSSEC experimental support warning messageMartin Basti2014-07-031-0/+19
| | | | | Ticket: https://fedorahosted.org/freeipa/ticket/4408 Reviewed-By: Petr Spacek <pspacek@redhat.com>
* Add warning about semantic change for zonesMartin Basti2014-07-031-0/+23
| | | | | | | | | --forwarder have different semantic since forward zones support. Add warning if zone contains forwarders. Ticket: https://fedorahosted.org/freeipa/ticket/3210#comment:16 Reviewed-By: Petr Spacek <pspacek@redhat.com>
* Add NSEC3PARAM to zone settingsMartin Basti2014-07-021-3/+47
| | | | | Ticket: https://fedorahosted.org/freeipa/ticket/4413 Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
* Remove NSEC3PARAM recordMartin Basti2014-07-021-45/+3
| | | | | | | Revert 5b95be802c6aa12b9464813441f85eaee3e3e82b Ticket: https://fedorahosted.org/freeipa/ticket/4413 Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
* Fix ACI in DNSMartin Basti2014-07-011-2/+2
| | | | | | | Added ACI for idnssecinlinesigning, dlvrecord, nsec3paramrecord, tlsarecord Reviewed-By: Petr Viktorin <pviktori@redhat.com>
* DNSSEC: add TLSA record typeMartin Basti2014-07-011-15/+44
| | | | | Ticket: https://fedorahosted.org/freeipa/ticket/4328 Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
* Fix incompatible DNS permissionMartin Basti2014-06-251-1/+30
| | | | | | | | | dns(forward)zone-add/remove-permission can work with permissions with relative zone name Ticket:https://fedorahosted.org/freeipa/ticket/4383 Reviewed-By: Petr Viktorin <pviktori@redhat.com>
* Digest part in DLV/DS records allows only heaxadecimal charactersMartin Basti2014-06-201-0/+2
| | | | Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
* DNSSEC: DLVRecord type addedMartin Basti2014-06-201-15/+17
| | | | | Ticket: https://fedorahosted.org/freeipa/ticket/4328 Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
* DNSSEC: added NSEC3PARAM record typeMartin Basti2014-06-201-5/+49
| | | | | Ticket: https://fedorahosted.org/freeipa/ticket/4328 Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
* DNSSEC: remove unsuported recordsMartin Basti2014-06-201-97/+4
| | | | | | | Removed SIG, NSEC, KEy, RRSIG records Ticket: https://fedorahosted.org/freeipa/ticket/4328 Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
* Create BASE zone classMartin Basti2014-06-201-528/+333
| | | | | | | | | | | Zones and forward zones have a lot of common code, this patch remove duplications by creating a DNSBase class and its subclasses design: http://www.freeipa.org/page/V4/Forward_zones Ticket: https://fedorahosted.org/freeipa/ticket/3210 Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
* Prevent commands to modify different type of a zoneMartin Basti2014-06-201-16/+128
| | | | | | | | | | | Commands dnsforwardzone-* can modify only forward zones Commands dnszone-* can modify only (master) zones Commands dnsrecord-* can work only with master zones design: http://www.freeipa.org/page/V4/Forward_zones Ticket: https://fedorahosted.org/freeipa/ticket/3210 Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
* Separate master and forward DNS zonesMartin Basti2014-06-201-0/+328
| | | | | | | | | Forward zones are stored in idnsforwadzone objectclasses. design: http://www.freeipa.org/page/V4/Forward_zones Ticket: https://fedorahosted.org/freeipa/ticket/3210 Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
* Convert DNS default permissions to managedPetr Viktorin2014-06-181-0/+101
| | | | | | | | | | | Convert the existing default permissions. The Read permission is split between Read DNS Entries and Read DNS Configuration. Part of the work for: https://fedorahosted.org/freeipa/ticket/4346 Reviewed-By: Martin Kosek <mkosek@redhat.com>
* Fix --ttl description for DNS zonesPetr Spacek2014-06-121-2/+2
| | | | | | | TTL specified in idnsZone object class affects all records at zone apex, not only SOA record. Reviewed-By: Nathaniel McCallum <npmccallum@redhat.com>
* Update all remaining plugins to the new Registry APINathaniel McCallum2014-06-111-22/+25
| | | | Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
* PTR record target can be relativeMartin Basti2014-06-031-2/+1
| | | | Reviewed-By: Jan Cholasta <jcholast@redhat.com>
* _domain_name_validatord moved from DNS to realmdomainsMartin Basti2014-06-031-11/+0
| | | | | | | | | | Validator is no more used in dns plugin Part of ticket: IPA should allow internationalized domain names https://fedorahosted.org/freeipa/ticket/3169 Reviewed-By: Jan Cholasta <jcholast@redhat.com>
* Modified record and zone class to support IDNMartin Basti2014-06-031-97/+307
| | | | | | | | | | | | | | * Records data are always returned as string * Attributes idnsname, idnssoamname, idnssoarname are returned as * DNSName, with option --raw as string * option --raw returns all IDN domains punycoded Part of ticket: IPA should allow internationalized domain names https://fedorahosted.org/freeipa/ticket/3169 Reviewed-By: Jan Cholasta <jcholast@redhat.com>
* Modified records and zone parameters to use DNSNameParamMartin Basti2014-06-031-28/+19
| | | | | | | | | | | | | * Zone is stored as an absolute name (ipa never support relative * zonenames) * compatible with relative zone names as was before * PTR target can be relative domain name Part of ticket: IPA should allow internationalized domain names https://fedorahosted.org/freeipa/ticket/3169 Reviewed-By: Jan Cholasta <jcholast@redhat.com>
* Modified dns related global functionsMartin Basti2014-06-031-69/+52
| | | | | | | | | | | * Modified functions to use DNSName type * Removed unused functions Part of ticket: IPA should allow internationalized domain names https://fedorahosted.org/freeipa/ticket/3169 Reviewed-By: Jan Cholasta <jcholast@redhat.com>
* Modified has_output attributesMartin Basti2014-06-031-2/+8
| | | | | | | | Part of ticket: IPA should allow internationalized domain names https://fedorahosted.org/freeipa/ticket/3169 Reviewed-By: Jan Cholasta <jcholast@redhat.com>
* dns: Add idnsSecInlineSigning attribute, add --dnssec option to zonePetr Viktorin2014-05-281-1/+7
| | | | | | Part of the work for: https://fedorahosted.org/freeipa/ticket/3801 Reviewed-By: Martin Kosek <mkosek@redhat.com>
* Allow primary keys to use different type than unicode.Jan Cholasta2014-04-181-6/+7
| | | | | | | | | | Also return list of primary keys instead of a single unicode CSV value from LDAPDelete-based commands. This introduces a new capability 'primary_key_types' for backward compatibility with old clients. Reviewed-By: Tomas Babej <tbabej@redhat.com>
* Add wait_for_dns option to default.conf.Petr Spacek2014-04-041-4/+213
| | | | | | | | | | | This option makes record changes in DNS tree synchronous. IPA calls will wait until new data are visible over DNS protocol or until timeout. It is intended only for testing. It should prevent tests from failing if there is bigger delay between changes in LDAP and DNS. Reviewed-By: Petr Viktorin <pviktori@redhat.com>
* Add permission_filter_objectclasses for explicit type filtersPetr Viktorin2014-02-201-0/+1
| | | | | | Part of the work for: https://fedorahosted.org/freeipa/ticket/4074 Reviewed-By: Martin Kosek <mkosek@redhat.com>
* Fix regular expression for LOC records in DNS.Petr Spacek2014-02-181-8/+13
| | | | | | | | | | | - Fractional parts of integers are not mandatory. - Expressions containing only size or only size + horizontal precision are allowed. - N/S/W/E handling was fixed. See RFC 1876 section 3 for details. Reviewed-By: Petr Viktorin <pviktori@redhat.com>
* DNS classless support for reverse domainsMartin Basti2014-02-111-11/+34
| | | | | | | | | | | | Now users can add reverse zones in classless form: 0/25.1.168.192.in-addr.arpa. 0-25.1.168.192.in-addr.arpa. 128/25 NS ns.example.com. 10 CNAME 10.128/25.1.168.192.in-addr.arpa. Ticket: https://fedorahosted.org/freeipa/ticket/4143 Reviewed-By: Jan Cholasta <jcholast@redhat.com>
generated by cgit (git 2.34.1) at 2025-09-03 13:28:46 +0000