freeipa

Clone
Source Code
GIT

6c5530c DNSResolver: Fix use of nameservers with ports

2 files Authored by twoerner 2 years ago, Committed by frenaud 2 years ago,
raw patch tree parent
2 files changed. 81 lines added. 0 lines removed.
ipapython/dnsutil.py
file modified
+41 -0
ipatests/test_ipapython/test_dnsutil.py
file modified
+40 -0 
    DNSResolver: Fix use of nameservers with ports
    
    IPA DNS zone and forwardzone commands allow to use nameservers with ports
    as "SERVER_IP port PORT_NUMBER". bind is supporting this syntax, but the
    Resolver in dnspython that is used to verify the list of forwarders
    (nameservers) is only allowing to have IP addresses in this list. With
    dnspython version 2.20 there is a new validator in dns.resolver.BaseResolver
    that ensures this.
    
    Refs:
    - https://bind9.readthedocs.io/en/v9_18_4/reference.html#zone-statement-grammar
    - https://github.com/rthalley/dnspython/blob/master/dns/resolver.py#L1094
    
    ipapython/dnsutil.DNSResolver derives from dns.resolver.Resolver. The setter
    for nameservers has been overloaded in the DNSResolver class to split out
    the port numbers into the nameserver_ports dict { SERVER_IP: PORT_NUMBER }.
    After the setter for nameservers succeeded, nameserver_ports is set.
    nameserver_ports is used in the resolve() method of dns.resolver.Resolver.
    
    Additional tests have been added to verify that nameservers and also
    nameserver_ports are properly set and also valid.
    
    Fixes: https://pagure.io/freeipa/issue/9158
    
    Signed-off-by: Thomas Woerner <twoerner@redhat.com>
    Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
file modified
+41 -0
file modified
+40 -0
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.