From 16f1d20be2ec44802c63646459d3a409389e051a Mon Sep 17 00:00:00 2001 From: jorgepastorr Date: Mon, 26 Feb 2024 13:53:01 +0100 Subject: [PATCH] add CAA record on DNS --- orchestra/contrib/domains/models.py | 3 +++ orchestra/contrib/domains/validators.py | 22 ++++++++++++++++++++++ 2 files changed, 25 insertions(+) diff --git a/orchestra/contrib/domains/models.py b/orchestra/contrib/domains/models.py index 9d099aa4..8af9de60 100644 --- a/orchestra/contrib/domains/models.py +++ b/orchestra/contrib/domains/models.py @@ -298,6 +298,7 @@ class Record(models.Model): TXT = 'TXT' SPF = 'SPF' SOA = 'SOA' + CAA = 'CAA' TYPE_CHOICES = ( (MX, "MX"), @@ -308,6 +309,7 @@ class Record(models.Model): (SRV, "SRV"), (TXT, "TXT"), (SPF, "SPF"), + (CAA, "CAA"), ) VALIDATORS = { @@ -320,6 +322,7 @@ class Record(models.Model): SPF: (validate_ascii, validators.validate_quoted_record), SRV: (validators.validate_srv_record,), SOA: (validators.validate_soa_record,), + CAA: (validators.validate_caa_record,), } domain = models.ForeignKey(Domain, verbose_name=_("domain"), related_name='records', on_delete=models.CASCADE) diff --git a/orchestra/contrib/domains/validators.py b/orchestra/contrib/domains/validators.py index 4722493a..cf34e86e 100644 --- a/orchestra/contrib/domains/validators.py +++ b/orchestra/contrib/domains/validators.py @@ -105,6 +105,28 @@ def validate_soa_record(value): raise ValidationError(msg) +def validate_caa_record(value): + # 0-255 issue|issuewild|iodef "domain|mailto:email" + # 0 issue "letsewncript.org" + msg = _("%s is not an appropiate CAA record value, sintax: 0-255 issue|issuewild|iodef \"domain|mailto:email\"") % value + values = value.split() + if len(values) != 3: + raise ValidationError(msg) + + patron_flag = r'^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$' + patron_tag = r'^(issue|issuewild|iodef)$' + patron_value_domain = r'^"[a-zA-Z0-9-.]+\.[a-zA-Z]+\.?"$' + patron_value_mailto = r'^"mailto:[a-zA-Z0-9.]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}"$' + flag = re.match(patron_flag, values[0]) + tag = re.match(patron_tag, values[1]) + if values[1] == 'iodef': + valor = re.match(patron_value_mailto, values[2]) + else: + valor = re.match(patron_value_domain, values[2]) + if not (flag and tag and valor): + raise ValidationError(msg) + + def validate_quoted_record(value): value = value.strip() if ' ' in value and (value[0] != '"' or value[-1] != '"'):