[Freeipa-devel] [PATCHES] 91-92 Add support for RFC 6594 SSHFP DNS records
Rob Crittenden
rcritten at redhat.com
Wed Jan 23 22:45:53 UTC 2013
Jan Cholasta wrote:
> On 10.1.2013 05:56, Jan Cholasta wrote:
>> Hi,
>>
>> Patch 91 removes module ipapython.compat. The code that uses it doesn't
>> work with ancient Python versions anyway, so there's no need to keep it
>> around.
>>
>> Patch 92 adds support for automatic generation of RFC 6594 SSHFP DNS
>> records to ipa-client-install and host plugin, as described in
>> <http://freeipa.org/page/V3/RFC_6594_SSHFP_DNS_records>. Note that
>> <https://fedorahosted.org/freeipa/ticket/2642#comment:7> still applies.
>>
>> https://fedorahosted.org/freeipa/ticket/2642
>>
>> Honza
>>
>
> Self-NACK, forgot to actually remove ipapython/compat.py in the first
> patch. Also removed an unnecessary try block from the second patch.
>
> Honza
These look good. I'm a little concerned about the magic numbers in the
SSHFP code. I know these come from the RFCs. Can you add a comment there
so future developers know where the values for key type and fingerprint
type come from?
rob
More information about the Freeipa-devel
mailing list