Check that NS address passed in dnszone-add is a domain name and
not an IP address. Make this clear also the parameter help.

https://fedorahosted.org/freeipa/ticket/1567

>From b74f96b9ee1e9d6c60622506ade2d42623b292a7 Mon Sep 17 00:00:00 2001
From: Martin Kosek <mko...@redhat.com>
Date: Thu, 4 Aug 2011 09:59:01 +0200
Subject: [PATCH] Improve dnszone-add error message

Check that NS address passed in dnszone-add is a domain name and
not an IP address. Make this clear also the parameter help.

https://fedorahosted.org/freeipa/ticket/1567
---
 ipalib/plugins/dns.py |    8 +++++++-
 1 files changed, 7 insertions(+), 1 deletions(-)

diff --git a/ipalib/plugins/dns.py b/ipalib/plugins/dns.py
index d50a9f6e8467ee294e61f5d96657bdc1ee6d5941..105678b23c9faae3cc34ffc9084fc37d9ca29265 100644
--- a/ipalib/plugins/dns.py
+++ b/ipalib/plugins/dns.py
@@ -109,6 +109,7 @@ from ipalib import Flag, Int, List, Str, StrEnum
 from ipalib.plugins.baseldap import *
 from ipalib import _, ngettext
 from ipapython import dnsclient
+from ipapython.ipautil import valid_ip
 from ldap import explode_dn
 
 # supported resource record types
@@ -318,7 +319,7 @@ class dnszone(LDAPObject):
         Str('idnssoamname',
             cli_name='name_server',
             label=_('Authoritative nameserver'),
-            doc=_('Authoritative nameserver.'),
+            doc=_('Authoritative nameserver domain name'),
         ),
         Str('idnssoarname',
             cli_name='admin_email',
@@ -431,6 +432,11 @@ class dnszone_add(LDAPCreate):
         # Check nameserver has a forward record
         nameserver = entry_attrs['idnssoamname']
 
+        # NS record must contain domain name
+        if valid_ip(nameserver):
+            raise errors.ValidationError(name='name-server',
+                    error=unicode(_("Nameserver address is not a fully qualified domain name")))
+
         if not 'ip_address' in options and not options['force']:
             is_ns_rec_resolvable(nameserver)
 
-- 
1.7.6

_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to