[Freeipa-devel] [PATCH] 120 Improve DNS record data validation
Rob Crittenden
rcritten at redhat.com
Fri Nov 4 20:53:24 UTC 2011
Martin Kosek wrote:
> On Wed, 2011-10-19 at 15:38 -0400, Adam Young wrote:
>> On 10/19/2011 08:15 AM, Martin Kosek wrote:
>>> On Wed, 2011-09-07 at 15:18 +0200, Martin Kosek wrote:
>>>> On Wed, 2011-09-07 at 15:05 +0200, Martin Kosek wrote:
>>>>> This is 3.0 Core Effort Backlog patch.
>>>>>
>>>>> The changes to API may look scary, but it should be OK, I just added
>>>>> validators and normalizers. I found a lot of RR types unsupported by
>>>>> bind-dyndb-ldap. I implemented a validator telling this information to
>>>>> the user. I think the message is more user-friendly than the previous
>>>>> LDAP schema error.
>>>>>
>>>>> Enjoy the RFCs! :-)
>>>>>
>>>>> Martin
>>>>>
>>>>> ---
>>>>> Implement missing validators for DNS RR types so that we can capture
>>>>> at least basic user errors. Additionally, a normalizer creating
>>>>> a fully-qualified domain name has been implemented for several RRs
>>>>> to prevent this common user error.
>>>>>
>>>>> https://fedorahosted.org/freeipa/ticket/1106
>>>>>
>>>> I noticed a typo in format description for LOC record validation. A
>>>> fixed patch attached.
>>>>
>>>> Martin
>>> Rebased for current master.
>>>
>>> This patch is still waiting for review. As I would like to base my next
>>> DNS work (structured DNS commands) on this patch I would like to have it
>>> reviewed soon.
>>>
>>> Thanks,
>>> Martin
>>>
>>>
>>>
>>> _______________________________________________
>>> Freeipa-devel mailing list
>>> Freeipa-devel at redhat.com
>>> https://www.redhat.com/mailman/listinfo/freeipa-devel
>>
>>
>> I've just given it a visual review, but it looks right. Probably
>> should have some unit tests to go with it for some of the more
>> commonly used types.
>
> Good idea. A, AAAA, NS records are already being checked, I added tests
> for MX and SRV records too.
>
> I also refactored DNS tests a little, there were many repeatedly using
> hard-coded values (like default zone manager) which would be hard to fix
> of anything changes.
>
> Martin
I can't tell what your intention is with the split for cname and dname
but it seems to allow just about any value.
I know there are a ton of data types but is it worthwhile to have a
positive and negative case for each to avoid regressions?
rob
More information about the Freeipa-devel
mailing list