[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Freeipa-devel] [PATCH] 41 During ipa-client-install verify forward and reverse dns lookup of server



On Feb 27, 2012, at 1:29 PM, Rob Crittenden wrote:

> JR Aquino wrote:
>> On Feb 27, 2012, at 8:43 AM, Rob Crittenden wrote:
>> 
>>> JR Aquino wrote:
>>>> ipa-server-install has a method for validating forward and reverse via ipaserver/install/installutils.py
>>>> ipa-client-install does not currently have an equivalent
>>>> This patch adds valid_dns to ipapython/ipautil.py to validate foward and reverse DNS
>>>> This patch adds the valid_dns test in ipa-client/ipa-install/ipa-client-install to validate the dns of the FreeIPA server
>>>> 
>>>> https://fedorahosted.org/freeipa/ticket/2438
>>> 
>>> Would it make sense to use verify_fqdn() from installutils.py?
>> 
>> Ya, I thought about that initially.
>> 
>> It cannot be done for the problem we are trying  to solve.
>> 
>> ipaserver/install/installutils.py
>> 
>> ^ This only comes along via the installation of the server package.
>> 
>>> We'd need to move this to ipapython to be usable by the client but it would do a lot more checking and no code duplication.
>> 
>> 
>> We are trying to make sure that ipa-client-install on Client systems are capable of doing the fwd/reverse and they don't receive any of the server rpms.
>> 
>> That is why this patch add's this functionality to ipapython.
> 
> I was thinking move verify_fqdn entirely into ipapython which is shared between the client and server. That way we have shared code for verifying hostnames during installation.
> 
> rob


Reformatted patch per Rob's request to move verify_fqnd() into a shared space:

ipa-server-install has a method for validating forward and reverse via ipaserver/install/installutils.py
ipa-client-install does not currently have an equivalent
This patch moves verify_fqdn() from installutils.py to ipapython/ipautil.py to validate foward and reverse DNS
This patch adds the verify_fqdn() test in ipa-client/ipa-install/ipa-client-install to validate the dns of the FreeIPA server


Attachment: bincFISRACWCG.bin
Description: freeipa-jraquino-0041-During-ipa-client-install-verify-forward-and-reve.patch


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]