To test, simply run the following command:

 ipa dnszone-mod example.com --serial=4294967295

This should work well on patched server&client. Web UI should work too as it
reads the max limit dynamically.

---
[PATCH 2/2] Fix DNS SOA serial parameters boundaries:

Set correct boundaries for DNS SOA serial parameters (see RFC 1035,
2181).


[PATCH 1/2] Transfer long numbers over XMLRPC

Numeric parameters in ipalib were limited by XMLRPC boundaries for
integer (2^31-1) which is too low for some LDAP attributes like DNS
SOA serial field.

Transfer numbers which are not in XMLRPC boundary as a string and not
as a number to workaround this limitation. Int parameter had to be
updated to also accept Python's long type as valid int type.

>From 8782015a17b130c5ebae8b014a7241810b10dedd Mon Sep 17 00:00:00 2001
From: Martin Kosek <mko...@redhat.com>
Date: Tue, 4 Sep 2012 15:49:26 +0200
Subject: [PATCH 1/2] Transfer long numbers over XMLRPC

Numeric parameters in ipalib were limited by XMLRPC boundaries for
integer (2^31-1) which is too low for some LDAP attributes like DNS
SOA serial field.

Transfer numbers which are not in XMLRPC boundary as a string and not
as a number to workaround this limitation. Int parameter had to be
updated to also accept Python's long type as valid int type.

https://fedorahosted.org/freeipa/ticket/2568
---
 ipalib/parameters.py | 12 ++++++------
 ipalib/rpc.py        |  5 ++++-
 2 files changed, 10 insertions(+), 7 deletions(-)

diff --git a/ipalib/parameters.py b/ipalib/parameters.py
index de0d14faf08d1ab79c99e65dab9cc08f406e3a1d..21e30356b2a351bf7a3be7d47d7fabf0130cf6d4 100644
--- a/ipalib/parameters.py
+++ b/ipalib/parameters.py
@@ -1077,7 +1077,7 @@ class Number(Param):
         """
         if type(value) is self.type:
             return value
-        if type(value) in (unicode, int, float):
+        if type(value) in (unicode, int, long, float):
             try:
                 return self.type(value)
             except ValueError:
@@ -1099,8 +1099,8 @@ class Int(Number):
     type_error = _('must be an integer')
 
     kwargs = Param.kwargs + (
-        ('minvalue', int, int(MININT)),
-        ('maxvalue', int, int(MAXINT)),
+        ('minvalue', (int, long), int(MININT)),
+        ('maxvalue', (int, long), int(MAXINT)),
     )
 
     def __init__(self, name, *rules, **kw):
@@ -1147,7 +1147,7 @@ class Int(Number):
         Check min constraint.
         """
         assert type(value) in (int, long)
-        if value < self.minvalue or value < MININT:
+        if value < self.minvalue:
             return _('must be at least %(minvalue)d') % dict(
                 minvalue=self.minvalue,
             )
@@ -1157,7 +1157,7 @@ class Int(Number):
         Check max constraint.
         """
         assert type(value) in (int, long)
-        if value > self.maxvalue or value > MAXINT:
+        if value > self.maxvalue:
             return _('can be at most %(maxvalue)d') % dict(
                 maxvalue=self.maxvalue,
             )
@@ -1490,7 +1490,7 @@ class Str(Data):
         """
         if type(value) is self.type:
             return value
-        if type(value) in (int, float, decimal.Decimal):
+        if type(value) in (int, long, float, decimal.Decimal):
             return self.type(value)
         if type(value) in (tuple, list):
             raise ConversionError(name=self.name, index=index,
diff --git a/ipalib/rpc.py b/ipalib/rpc.py
index d1764e3e30492d5855450398e86689bfcad7aa39..85239ac65903acf447a4d971cce70f819979ce8d 100644
--- a/ipalib/rpc.py
+++ b/ipalib/rpc.py
@@ -37,7 +37,8 @@ import sys
 import os
 import errno
 import locale
-from xmlrpclib import Binary, Fault, dumps, loads, ServerProxy, Transport, ProtocolError
+from xmlrpclib import (Binary, Fault, dumps, loads, ServerProxy, Transport,
+        ProtocolError, MININT, MAXINT)
 import kerberos
 from dns import resolver, rdatatype
 from dns.exception import DNSException
@@ -94,6 +95,8 @@ def xml_wrap(value):
     if type(value) is Decimal:
         # transfer Decimal as a string
         return unicode(value)
+    if isinstance(value, (int, long)) and (value < MININT or value > MAXINT):
+        return unicode(value)
     if isinstance(value, DN):
         return str(value)
     assert type(value) in (unicode, int, float, bool, NoneType)
-- 
1.7.11.4

>From bbfbd9ee11b38e29dee018e72f39fd5bfab39b2d Mon Sep 17 00:00:00 2001
From: Martin Kosek <mko...@redhat.com>
Date: Tue, 4 Sep 2012 16:05:34 +0200
Subject: [PATCH 2/2] Fix DNS SOA serial parameters boundaries

Set correct boundaries for DNS SOA serial parameters (see RFC 1035,
2181).

https://fedorahosted.org/freeipa/ticket/2568
---
 API.txt               | 36 ++++++++++++++++++------------------
 ipalib/plugins/dns.py |  8 +++++++-
 2 files changed, 25 insertions(+), 19 deletions(-)

diff --git a/API.txt b/API.txt
index aef12b7eb6e458d614c84ba20d782ef3154c09f0..cfdfaae708b0ef93c9d4cad603de68d69875d1a7 100644
--- a/API.txt
+++ b/API.txt
@@ -1014,12 +1014,12 @@ arg: Str('idnsname', attribute=True, cli_name='name', multivalue=False, primary_
 option: Str('name_from_ip', attribute=False, cli_name='name_from_ip', multivalue=False, required=False)
 option: Str('idnssoamname', attribute=True, cli_name='name_server', multivalue=False, required=True)
 option: Str('idnssoarname', attribute=True, cli_name='admin_email', multivalue=False, required=True)
-option: Int('idnssoaserial', attribute=True, autofill=True, cli_name='serial', minvalue=1, multivalue=False, required=True)
-option: Int('idnssoarefresh', attribute=True, autofill=True, cli_name='refresh', default=3600, minvalue=0, multivalue=False, required=True)
-option: Int('idnssoaretry', attribute=True, autofill=True, cli_name='retry', default=900, minvalue=0, multivalue=False, required=True)
-option: Int('idnssoaexpire', attribute=True, autofill=True, cli_name='expire', default=1209600, minvalue=0, multivalue=False, required=True)
-option: Int('idnssoaminimum', attribute=True, autofill=True, cli_name='minimum', default=3600, maxvalue=10800, minvalue=0, multivalue=False, required=True)
-option: Int('dnsttl', attribute=True, cli_name='ttl', multivalue=False, required=False)
+option: Int('idnssoaserial', attribute=True, autofill=True, cli_name='serial', maxvalue=4294967295, minvalue=1, multivalue=False, required=True)
+option: Int('idnssoarefresh', attribute=True, autofill=True, cli_name='refresh', default=3600, maxvalue=2147483647, minvalue=0, multivalue=False, required=True)
+option: Int('idnssoaretry', attribute=True, autofill=True, cli_name='retry', default=900, maxvalue=2147483647, minvalue=0, multivalue=False, required=True)
+option: Int('idnssoaexpire', attribute=True, autofill=True, cli_name='expire', default=1209600, maxvalue=2147483647, minvalue=0, multivalue=False, required=True)
+option: Int('idnssoaminimum', attribute=True, autofill=True, cli_name='minimum', default=3600, maxvalue=2147483647, minvalue=0, multivalue=False, required=True)
+option: Int('dnsttl', attribute=True, cli_name='ttl', maxvalue=2147483647, minvalue=0, multivalue=False, required=False)
 option: StrEnum('dnsclass', attribute=True, cli_name='class', multivalue=False, required=False, values=(u'IN', u'CS', u'CH', u'HS'))
 option: Str('idnsupdatepolicy', attribute=True, autofill=True, cli_name='update_policy', multivalue=False, required=False)
 option: Bool('idnsallowdynupdate', attribute=True, autofill=True, cli_name='dynamic_update', default=False, multivalue=False, required=False)
@@ -1070,12 +1070,12 @@ option: Str('idnsname', attribute=True, autofill=False, cli_name='name', multiva
 option: Str('name_from_ip', attribute=False, autofill=False, cli_name='name_from_ip', multivalue=False, query=True, required=False)
 option: Str('idnssoamname', attribute=True, autofill=False, cli_name='name_server', multivalue=False, query=True, required=False)
 option: Str('idnssoarname', attribute=True, autofill=False, cli_name='admin_email', multivalue=False, query=True, required=False)
-option: Int('idnssoaserial', attribute=True, autofill=False, cli_name='serial', minvalue=1, multivalue=False, query=True, required=False)
-option: Int('idnssoarefresh', attribute=True, autofill=False, cli_name='refresh', default=3600, minvalue=0, multivalue=False, query=True, required=False)
-option: Int('idnssoaretry', attribute=True, autofill=False, cli_name='retry', default=900, minvalue=0, multivalue=False, query=True, required=False)
-option: Int('idnssoaexpire', attribute=True, autofill=False, cli_name='expire', default=1209600, minvalue=0, multivalue=False, query=True, required=False)
-option: Int('idnssoaminimum', attribute=True, autofill=False, cli_name='minimum', default=3600, maxvalue=10800, minvalue=0, multivalue=False, query=True, required=False)
-option: Int('dnsttl', attribute=True, autofill=False, cli_name='ttl', multivalue=False, query=True, required=False)
+option: Int('idnssoaserial', attribute=True, autofill=False, cli_name='serial', maxvalue=4294967295, minvalue=1, multivalue=False, query=True, required=False)
+option: Int('idnssoarefresh', attribute=True, autofill=False, cli_name='refresh', default=3600, maxvalue=2147483647, minvalue=0, multivalue=False, query=True, required=False)
+option: Int('idnssoaretry', attribute=True, autofill=False, cli_name='retry', default=900, maxvalue=2147483647, minvalue=0, multivalue=False, query=True, required=False)
+option: Int('idnssoaexpire', attribute=True, autofill=False, cli_name='expire', default=1209600, maxvalue=2147483647, minvalue=0, multivalue=False, query=True, required=False)
+option: Int('idnssoaminimum', attribute=True, autofill=False, cli_name='minimum', default=3600, maxvalue=2147483647, minvalue=0, multivalue=False, query=True, required=False)
+option: Int('dnsttl', attribute=True, autofill=False, cli_name='ttl', maxvalue=2147483647, minvalue=0, multivalue=False, query=True, required=False)
 option: StrEnum('dnsclass', attribute=True, autofill=False, cli_name='class', multivalue=False, query=True, required=False, values=(u'IN', u'CS', u'CH', u'HS'))
 option: Str('idnsupdatepolicy', attribute=True, autofill=False, cli_name='update_policy', multivalue=False, query=True, required=False)
 option: Bool('idnszoneactive', attribute=True, autofill=False, cli_name='zone_active', multivalue=False, query=True, required=False)
@@ -1102,12 +1102,12 @@ arg: Str('idnsname', attribute=True, cli_name='name', multivalue=False, primary_
 option: Str('name_from_ip', attribute=False, autofill=False, cli_name='name_from_ip', multivalue=False, required=False)
 option: Str('idnssoamname', attribute=True, autofill=False, cli_name='name_server', multivalue=False, required=False)
 option: Str('idnssoarname', attribute=True, autofill=False, cli_name='admin_email', multivalue=False, required=False)
-option: Int('idnssoaserial', attribute=True, autofill=False, cli_name='serial', minvalue=1, multivalue=False, required=False)
-option: Int('idnssoarefresh', attribute=True, autofill=False, cli_name='refresh', default=3600, minvalue=0, multivalue=False, required=False)
-option: Int('idnssoaretry', attribute=True, autofill=False, cli_name='retry', default=900, minvalue=0, multivalue=False, required=False)
-option: Int('idnssoaexpire', attribute=True, autofill=False, cli_name='expire', default=1209600, minvalue=0, multivalue=False, required=False)
-option: Int('idnssoaminimum', attribute=True, autofill=False, cli_name='minimum', default=3600, maxvalue=10800, minvalue=0, multivalue=False, required=False)
-option: Int('dnsttl', attribute=True, autofill=False, cli_name='ttl', multivalue=False, required=False)
+option: Int('idnssoaserial', attribute=True, autofill=False, cli_name='serial', maxvalue=4294967295, minvalue=1, multivalue=False, required=False)
+option: Int('idnssoarefresh', attribute=True, autofill=False, cli_name='refresh', default=3600, maxvalue=2147483647, minvalue=0, multivalue=False, required=False)
+option: Int('idnssoaretry', attribute=True, autofill=False, cli_name='retry', default=900, maxvalue=2147483647, minvalue=0, multivalue=False, required=False)
+option: Int('idnssoaexpire', attribute=True, autofill=False, cli_name='expire', default=1209600, maxvalue=2147483647, minvalue=0, multivalue=False, required=False)
+option: Int('idnssoaminimum', attribute=True, autofill=False, cli_name='minimum', default=3600, maxvalue=2147483647, minvalue=0, multivalue=False, required=False)
+option: Int('dnsttl', attribute=True, autofill=False, cli_name='ttl', maxvalue=2147483647, minvalue=0, multivalue=False, required=False)
 option: StrEnum('dnsclass', attribute=True, autofill=False, cli_name='class', multivalue=False, required=False, values=(u'IN', u'CS', u'CH', u'HS'))
 option: Str('idnsupdatepolicy', attribute=True, autofill=False, cli_name='update_policy', multivalue=False, required=False)
 option: Bool('idnsallowdynupdate', attribute=True, autofill=False, cli_name='dynamic_update', default=False, multivalue=False, required=False)
diff --git a/ipalib/plugins/dns.py b/ipalib/plugins/dns.py
index 3987001f06dba1bcc5a311243e4f1fdcf83091c7..01af7697fa8356d6b86b10d52436dd82b1c88c98 100644
--- a/ipalib/plugins/dns.py
+++ b/ipalib/plugins/dns.py
@@ -1588,6 +1588,7 @@ class dnszone(LDAPObject):
             label=_('SOA serial'),
             doc=_('SOA record serial number'),
             minvalue=1,
+            maxvalue=4294967295,
             default_from=_create_zone_serial,
             autofill=True,
         ),
@@ -1596,6 +1597,7 @@ class dnszone(LDAPObject):
             label=_('SOA refresh'),
             doc=_('SOA record refresh time'),
             minvalue=0,
+            maxvalue=2147483647,
             default=3600,
             autofill=True,
         ),
@@ -1604,6 +1606,7 @@ class dnszone(LDAPObject):
             label=_('SOA retry'),
             doc=_('SOA record retry time'),
             minvalue=0,
+            maxvalue=2147483647,
             default=900,
             autofill=True,
         ),
@@ -1613,6 +1616,7 @@ class dnszone(LDAPObject):
             doc=_('SOA record expire time'),
             default=1209600,
             minvalue=0,
+            maxvalue=2147483647,
             autofill=True,
         ),
         Int('idnssoaminimum',
@@ -1621,13 +1625,15 @@ class dnszone(LDAPObject):
             doc=_('How long should negative responses be cached'),
             default=3600,
             minvalue=0,
-            maxvalue=10800,
+            maxvalue=2147483647,
             autofill=True,
         ),
         Int('dnsttl?',
             cli_name='ttl',
             label=_('SOA time to live'),
             doc=_('SOA record time to live'),
+            minvalue=0,
+            maxvalue=2147483647, # see RFC 2181
         ),
         StrEnum('dnsclass?',
             cli_name='class',
-- 
1.7.11.4

_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to