[Freeipa-devel] [PATCH] 41 During ipa-client-install verify forward and reverse dns lookup of server
JR Aquino
JR.Aquino at citrix.com
Mon Feb 27 23:07:24 UTC 2012
On Feb 27, 2012, at 1:29 PM, Rob Crittenden wrote:
> JR Aquino wrote:
>> On Feb 27, 2012, at 8:43 AM, Rob Crittenden wrote:
>>
>>> JR Aquino wrote:
>>>> ipa-server-install has a method for validating forward and reverse via ipaserver/install/installutils.py
>>>> ipa-client-install does not currently have an equivalent
>>>> This patch adds valid_dns to ipapython/ipautil.py to validate foward and reverse DNS
>>>> This patch adds the valid_dns test in ipa-client/ipa-install/ipa-client-install to validate the dns of the FreeIPA server
>>>>
>>>> https://fedorahosted.org/freeipa/ticket/2438
>>>
>>> Would it make sense to use verify_fqdn() from installutils.py?
>>
>> Ya, I thought about that initially.
>>
>> It cannot be done for the problem we are trying to solve.
>>
>> ipaserver/install/installutils.py
>>
>> ^ This only comes along via the installation of the server package.
>>
>>> We'd need to move this to ipapython to be usable by the client but it would do a lot more checking and no code duplication.
>>
>>
>> We are trying to make sure that ipa-client-install on Client systems are capable of doing the fwd/reverse and they don't receive any of the server rpms.
>>
>> That is why this patch add's this functionality to ipapython.
>
> I was thinking move verify_fqdn entirely into ipapython which is shared between the client and server. That way we have shared code for verifying hostnames during installation.
>
> rob
Reformatted patch per Rob's request to move verify_fqnd() into a shared space:
ipa-server-install has a method for validating forward and reverse via ipaserver/install/installutils.py
ipa-client-install does not currently have an equivalent
This patch moves verify_fqdn() from installutils.py to ipapython/ipautil.py to validate foward and reverse DNS
This patch adds the verify_fqdn() test in ipa-client/ipa-install/ipa-client-install to validate the dns of the FreeIPA server
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-jraquino-0041-During-ipa-client-install-verify-forward-and-reve.patch
Type: application/octet-stream
Size: 11690 bytes
Desc: freeipa-jraquino-0041-During-ipa-client-install-verify-forward-and-reve.patch
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20120227/7631ac49/attachment.obj>
More information about the Freeipa-devel
mailing list