Opened 5 years ago

Closed 5 years ago

#53 closed task (fixed)

Extend record handling from current "pure/strict"

Reported by: kdeugau Owned by:
Priority: major Milestone: 1.2.4
Version: Keywords:
Cc:

Description

Code to date, primarily for reverse zones, sharply limits what records it will allow to be edited (or added).

Extend the validation layers to allow any syntactically valid record in any zone, and

Consider adding a configuration knob to keep the current behaviour ("strict"), the primary extension allowing import, export, and editing ("relaxed"), and a wide-open "anything syntactically valid" mode ("open").

Change History (19)

comment:1 Changed 5 years ago by kdeugau

(In [602]) /trunk

Review and fix up handling of "any record, any zone" in AXFR import.
See #53.

comment:2 Changed 5 years ago by kdeugau

(In [603]) /trunk

Tweak record type dropdown list sub to include an entry for the type
passed in, even if that type would not normally be listed (typically
for reverse zones, which have a more limited type list). See #53.

comment:3 Changed 5 years ago by kdeugau

(In [610]) /trunk

Move a bunch of common code from _validate_1() into its own sub, since
we'll need to call it for any record that doesn't "belong" in a reverse
zone. And possibly the ones that do, too. See #53.

comment:4 Changed 5 years ago by kdeugau

(In [611]) /trunk

Move call to _check_hostname_form() into the individual validator subs;
it's easier to call it from those on the appropriate part(s) of the
record as needed rather than always calling it on just one part, and
then having to reproduce the per-record behaviours in _check_hostname_form().

See #53.

comment:5 Changed 5 years ago by kdeugau

(In [616]) /trunk

Update _validate_2() to handle any-record-in-any-zone, and handle
semigibberish reverse zone records that are syntactically valid.

See #53.

comment:6 Changed 5 years ago by kdeugau

(In [618]) /trunk

Update _validate_5() (CNAME) for any-record-in-any-zone. See #53.

comment:7 Changed 5 years ago by kdeugau

(In [620]) /trunk

Near-complete rewrite of _validate_12() (PTR) to support any-record-in-any-zone.
Introduce new default record template ARPAZONE for those times when you really
want something strange in all your reverse zones.

See #53.

comment:8 Changed 5 years ago by kdeugau

(In [622]) /trunk

Commit update to MX record validation for any-record-in-any-zone.
See #53.

comment:9 Changed 5 years ago by kdeugau

(In [623]) /trunk

Update _validate_16() (TXT) for any-record-in-any-zone. See #53.

comment:10 Changed 5 years ago by kdeugau

(In [626]) /trunk

Update _validate_28() (AAAA) for any-record-in-any-zone. See #53.

Also fix up a subtle potential bug in _validate_1(); don't use the passed-in
NetAddr::IP in $args{addr} as it may be something funky.

comment:11 Changed 5 years ago by kdeugau

(In [627]) /trunk

Update _validate_33() (SRV) for any-record-in-any-zone. See #53.

Also fix lurking bug in MX validation; MX-cannot-point-to-an-IP check was
checking the wrong record part for reverse records.

comment:12 Changed 5 years ago by kdeugau

(In [630]) /trunk

Add a bit more validation in _validate_65280() (A+PTR) Just In Case.
See #53.

A+PTR and AAAA+PTR can have stricter validation because they're logical
representations of pairs of matched records; if there's a mismatch then
they should automatically be coerced down to single A, AAAA, or PTR
records as appropriate.

comment:13 Changed 5 years ago by kdeugau

  • Resolution set to fixed
  • Status changed from new to closed

Primary goal tracked by this ticket is complete; all real record types should now be usable in either forward or reverse zones (no matter how silly it might be to have them there), and a hint of additional related validation is now done for the single-record pseudotypes.

Resolving and opened #54 for adding a configuration knob to control the validation strictness.

comment:14 Changed 5 years ago by kdeugau

  • Resolution fixed deleted
  • Status changed from closed to reopened

comment:15 Changed 5 years ago by kdeugau

Reopening, on review I haven't committed (m?)any changes outside the add/edit code path

comment:16 Changed 5 years ago by kdeugau

(In [632]) /trunk

Partly close a hole in validation of CNAMEs; a CNAME may not be used for
the root domain/zone (since a CNAME may not have sibling records for the
same FQDN). Checking for siblings is likely going to be trickier.

See #53, sort of.

comment:17 Changed 5 years ago by kdeugau

(In [634]) /trunk

Add commented fragment in _revswap() sub-sub in importAXFR() to fail on
multicharacter "nibbles" in IPv6 records, since they wouldn't generally
be reachable. However, any-record-in-any-zone means something harmlessly
bizarre may come in that is not reachable via "normal" reverse zone
lookups.

See #53.

comment:18 Changed 5 years ago by kdeugau

(In [637]) /trunk

Review and finalize cleanup of _printrec_tiny() for
any-record-in-any-zone. See #53.

comment:19 Changed 5 years ago by kdeugau

  • Resolution set to fixed
  • Status changed from reopened to closed

Calling this complete; can't recall any code paths that are not restricted-use and therefore exempt that are missing updates for this ticket. Resolving since I've called 1.2.4 complete and released.

Note: See TracTickets for help on using tickets.