[Freeipa-devel] [PATCH 0146] Fix internal errors in host-add and other commands caused by DNS resolutio

[Petr Spacek]

Hello,

Fix internal errors in host-add and other commands caused by DNS resolution

Previously resolver was returning CheckedIPAddress objects. This
internal server error in cases where DNS actually returned reserved IP
addresses.

Now the resolver is returning UnsafeIPAddress objects which do syntactic
checks but do not filter IP addresses.

>From now on we can decide if some IP address should be accepted as-is or
if it needs to be contrained to some subset of IP addresses using
CheckedIPAddress class.

This regression was caused by changes for
https://fedorahosted.org/freeipa/ticket/5710



I've split parser and checks into separate classes. Attached script
CheckedIPAddressRefactoring.py uses python-hypothesis to compare results from
old and new implementations. It seems that all valid inputs return the very
same results. The new implementation is a bit stricter when it comes to
invalid inputs (parse_netmask=False & addr=IPNetwork instance) but as far as I
can tell this case could not happen in current IPA anyway.

ipa-server-install, ipa-client-install, ipa-replica-install, and
ipa-ca-install on replica seem to work. DNS records for ipa-ca were properly
updated after replica installation. Also installation on server without A/AAAA
record in DNS and subsequent ipa-dns-install worked just fine.

-- 
Petr^2 Spacek
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-pspacek-0146-Fix-internal-errors-in-host-add-and-other-commands-c.patch
Type: text/x-patch
Size: 13245 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20160630/23cc4981/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: CheckedIPAddressRefactoring.py
Type: text/x-python
Size: 14480 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20160630/23cc4981/attachment.py>