On Thu, 2012-03-01 at 13:19 +0100, Martin Kosek wrote:
> These 2 patches changes the DNS API to support the last missing bits in
> new bind-dyndb-ldap:
> 
> 1) Both global and per-zone forwarders now support a conditional custom
> port (with format "IP_ADDRESS PORT")
> 2) Missing global configuration options have been added:
>  * idnsforwardpolicy: Default policy for conditional forwarding
>  * idnsallowsyncptr: Allow globaly PTR synchronization for dynamic
>    updates
>  * idnszonerefresh: Default interval between regular polls of the
>    name server for new DNS zones
> 
> Before these patches are pushed, I will just have to update the minimal
> bind-dyndb-ldap version (it has not been built yet) which have a full
> support for these.
> 
> Martin

New version of bind-dyndb-ldap has been released, attaching a rebased
patch with fixed bind-dyndb-ldap version in spec file.

I also fixed the forwarder format: it should be "$IP port $PORT", not
"$IP $PORT" as it was in the previous version of the patch. I tested this
new format with bind-dyndb-ldap and it forwards the queries properly.

Unfortunately, a fixed version of bind has not been released yet, i.e.
bind will crash if forwarders are defined both in named.conf and in the LDAP
global configuration (dnsconfig-mod).

Martin
>From 21d191f23858017b8e0f37f6918268f70c2e6be0 Mon Sep 17 00:00:00 2001
From: Martin Kosek <mko...@redhat.com>
Date: Wed, 7 Mar 2012 15:53:38 +0100
Subject: [PATCH 1/2] Allow port numbers for idnsForwarders

Let user enter custom ports for zone conditional forwarders or
global forwarders in dnsconfig. Ports can be specified in
a standard BIND format: IP_ADDRESS [port PORT]

https://fedorahosted.org/freeipa/ticket/2462
---
 freeipa.spec.in       |    5 ++++-
 ipalib/plugins/dns.py |   28 ++++++++++++++++++++++++----
 2 files changed, 28 insertions(+), 5 deletions(-)

diff --git a/freeipa.spec.in b/freeipa.spec.in
index 9421bd2a800f6dca39c2b40b533e14f108120c56..33c4bc31b8b261419cefc6ed269fc59835541a8d 100644
--- a/freeipa.spec.in
+++ b/freeipa.spec.in
@@ -151,7 +151,7 @@ Requires(postun): python initscripts chkconfig
 # We have a soft-requires on bind. It is an optional part of
 # IPA but if it is configured we need a way to require versions
 # that work for us.
-Conflicts: bind-dyndb-ldap < 1.1.0-0.8.a2
+Conflicts: bind-dyndb-ldap < 1.1.0-0.9.b1
 Conflicts: bind < 9.8.1-1
 
 # mod_proxy provides a single API to communicate over SSL. If mod_ssl
@@ -670,6 +670,9 @@ fi
 
 %changelog
 
+* Wed Mar  7 2012 Martin Kosek <mko...@redhat.com> - 2.2.0-16
+- Set min for bind-dyndb-ldap to 1.1.0-0.9.b1 to pick up new features
+
 * Thu Mar 1 2012 Jan Cholasta <jchol...@redhat.com> - 2.2.0-15
 - Set min nvr of sssd to 1.8.0 for SSH support
 - Add BuildRequires on sssd >= 1.8.0
diff --git a/ipalib/plugins/dns.py b/ipalib/plugins/dns.py
index a10960a2c20b8915b199ed82462a844ce8f5915c..251db476ed3029759ffd2238ad33fc7320de4ef2 100644
--- a/ipalib/plugins/dns.py
+++ b/ipalib/plugins/dns.py
@@ -348,6 +348,24 @@ def _dns_record_name_validator(ugettext, value):
     except ValueError, e:
         return unicode(e)
 
+def _validate_bind_forwarder(ugettext, forwarder):
+    ip_address, sep, port = forwarder.partition(u' port ')
+
+    ip_address_validation = _validate_ipaddr(ugettext, ip_address)
+
+    if ip_address_validation is not None:
+        return ip_address_validation
+
+    if sep:
+        try:
+            port = int(port)
+            if port < 0 or port > 65535:
+                raise ValueError()
+        except ValueError:
+            return _('%(port)s is not a valid port' % dict(port=port))
+
+    return None
+
 def _domain_name_validator(ugettext, value):
     try:
         validate_domain_name(value)
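Review bot: The port check in `_validate_bind_forwarder` relies on `int(port)`, which also accepts surrounding whitespace and a leading sign (for example `u' 53'` or `u'+53'`), so a value can pass validation without being in the strict `IP_ADDRESS port PORT` form that the commit message describes. As far as this hunk shows, the validator only returns an error string and does not normalise the value, so the string handed on to the name server is the user's original one; accepting only ASCII digits before the conversion would close that gap. Separately, the error message is interpolated before the translation lookup, so the catalogue entry will never match; it should read `return _('%(port)s is not a valid port') % dict(port=port)`. Port 0 is also accepted by `port < 0`, which is worth a deliberate decision.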
@@ -1614,10 +1632,11 @@ class dnszone(LDAPObject):
             autofill=True,
         ),
         Str('idnsforwarders*',
-            _validate_ipaddr,
+            _validate_bind_forwarder,
             cli_name='forwarder',
             label=_('Zone forwarders'),
-            doc=_('A list of zone forwarders'),
+            doc=_('A list of global forwarders. A custom port can be specified ' \
+                  'for each forwarder using a standard format "IP_ADDRESS port PORT"'),
             csv=True,
         ),
         StrEnum('idnsforwardpolicy?',
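Review bot: The new `doc` for the `dnszone` parameter says "A list of global forwarders", but this is the per-zone option (its label is still 'Zone forwarders'), so the text looks copied from the `dnsconfig` hunk below. Suggest starting it with `doc=_('A list of per-zone forwarders. A custom port can be specified '`. The trailing backslash is unnecessary because the adjacent string literals already sit inside parentheses; the same applies to the `dnsconfig` hunk. The `takes_params` tuple starts and ends outside the hunk.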
@@ -2628,10 +2647,11 @@ class dnsconfig(LDAPObject):
 
     takes_params = (
         Str('idnsforwarders*',
-            _validate_ipaddr,
+            _validate_bind_forwarder,
             cli_name='forwarder',
             label=_('Global forwarders'),
-            doc=_('A list of global forwarders'),
+            doc=_('A list of global forwarders. A custom port can be specified ' \
+                  'for each forwarder using a standard format "IP_ADDRESS port PORT"'),
             csv=True,
         ),
     )
-- 
1.7.7.6

>From 8ac6bb44cce5ce88ef00dd8526b7ecd022926c9e Mon Sep 17 00:00:00 2001
From: Martin Kosek <mko...@redhat.com>
Date: Wed, 7 Mar 2012 15:54:38 +0100
Subject: [PATCH 2/2] Add missing global options in dnsconfig

Add support for new global options in bind-dyndb-ldap, that is:
 * idnsforwardpolicy: Default policy for conditional forwarding
 * idnsallowsyncptr: Allow PTR synchronization globally for dynamic
   updates
 * idnszonerefresh: Default interval between regular polls of the
   name server for new DNS zones

https://fedorahosted.org/freeipa/ticket/2439
---
 API.txt                              |    5 ++++-
 ipalib/plugins/dns.py                |   21 ++++++++++++++++++++-
 tests/test_xmlrpc/test_dns_plugin.py |    6 +++++-
 3 files changed, 29 insertions(+), 3 deletions(-)

diff --git a/API.txt b/API.txt
index f21dce7a81079a5f214ecb6a8e451eca4237af2e..363ba5a5edeb177e95cb2633b29689333f76a6be 100644
--- a/API.txt
+++ b/API.txt
@@ -611,8 +611,11 @@ output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None)
 output: Output('result', <type 'bool'>, None)
 output: Output('value', <type 'unicode'>, None)
 command: dnsconfig_mod
-args: 0,8,3
+args: 0,11,3
 option: Str('idnsforwarders', attribute=True, autofill=False, cli_name='forwarder', csv=True, multivalue=True, required=False)
+option: StrEnum('idnsforwardpolicy', attribute=True, autofill=False, cli_name='forward_policy', multivalue=False, required=False, values=(u'only', u'first'))
+option: Bool('idnsallowsyncptr', attribute=True, autofill=False, cli_name='allow_sync_ptr', multivalue=False, required=False)
+option: Int('idnszonerefresh', attribute=True, autofill=False, cli_name='zone_refresh', minvalue=0, multivalue=False, required=False)
 option: Str('setattr*', cli_name='setattr', exclude='webui')
 option: Str('addattr*', cli_name='addattr', exclude='webui')
 option: Str('delattr*', cli_name='delattr', exclude='webui')
diff --git a/ipalib/plugins/dns.py b/ipalib/plugins/dns.py
index 251db476ed3029759ffd2238ad33fc7320de4ef2..a1d495449d9ac616447c4b280b3efe63b13af8b8 100644
--- a/ipalib/plugins/dns.py
+++ b/ipalib/plugins/dns.py
@@ -2640,7 +2640,10 @@ class dnsconfig(LDAPObject):
     DNS global configuration object
     """
     object_name = _('DNS configuration options')
-    default_attributes = [ 'idnsforwarders', ]
+    default_attributes = [
+        'idnsforwardpolicy', 'idnsforwarders', 'idnsallowsyncptr',
+        'idnszonerefresh'
+    ]
 
     label = _('DNS Global Configuration')
     label_singular = _('DNS Global Configuration')
@@ -2654,6 +2657,22 @@ class dnsconfig(LDAPObject):
                   'for each forwarder using a standard format "IP_ADDRESS port PORT"'),
             csv=True,
         ),
+        StrEnum('idnsforwardpolicy?',
+            cli_name='forward_policy',
+            label=_('Forward policy'),
+            values=(u'only', u'first',),
+        ),
+        Bool('idnsallowsyncptr?',
+            cli_name='allow_sync_ptr',
+            label=_('Allow PTR sync'),
+            doc=_('Allow synchronization of forward (A, AAAA) and reverse (PTR) records'),
+        ),
+        Int('idnszonerefresh?',
+            cli_name='zone_refresh',
+            label=_('Zone refresh interval'),
+            doc=_('An interval between regular polls of the name server for new DNS zones'),
+            minvalue=0,
+        ),
     )
 
     def get_dn(self, *keys, **kwargs):
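Review bot: `idnsforwardpolicy` is added without a `doc=`, unlike the other two new options, and the `idnszonerefresh` text states neither its unit nor what the permitted value 0 means. Suggest adding `doc=_('Default policy for conditional forwarding'),` (the wording already used in the commit message) and naming the unit in the refresh text; it is presumably seconds, to be confirmed against bind-dyndb-ldap. `minvalue=0` sets only a lower bound, so if the backend limits this attribute a `maxvalue` would reject bad input here rather than in the name server.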
diff --git a/tests/test_xmlrpc/test_dns_plugin.py b/tests/test_xmlrpc/test_dns_plugin.py
index e3958d23f5b656b9c7a4a87fb23d5fa1051daafc..e310d31947c71a7e1fc4215e2c069904c1588003 100644
--- a/tests/test_xmlrpc/test_dns_plugin.py
+++ b/tests/test_xmlrpc/test_dns_plugin.py
@@ -66,7 +66,11 @@ class test_dns(Declarative):
         ('dnsrecord_del', [dnszone1, dnsres1], {'del_all' : True}),
         ('dnszone_del', [dnszone2], {}),
         ('dnszone_del', [revdnszone1], {}),
-        ('dnsconfig_mod', [], {'idnsforwarders' : None,})
+        ('dnsconfig_mod', [], {'idnsforwarders' : None,
+                               'idnsforwardpolicy' : None,
+                               'idnsallowsyncptr' : None,
+                               'idnszonerefresh' : None,
+                               })
     ]
 
     tests = [
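Review bot: This cleanup change is the only test update in the series (the diffstats of both patches list no other test changes), so neither the three new `dnsconfig` options nor `_validate_bind_forwarder` from patch 1 is exercised. Declarative cases worth adding to `tests` are a `dnsconfig_mod` that sets a forwarder in the `IP_ADDRESS port PORT` form, one with a non-numeric or out-of-range port that expects a validation error, and one with an `idnsforwardpolicy` value outside `only`/`first`. The `tests` list continues outside the hunk.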
-- 
1.7.7.6
