[Freeipa-devel] [PATCHES 0024, 0025] Classless support for reverse domains
Jan Cholasta
jcholast at redhat.com
Thu Feb 6 09:59:08 UTC 2014
Hi,
On 31.1.2014 16:06, Martin Basti wrote:
> Reverse domain names in form "0/28.0.10.10.in-addr.arpa." are now
> allowed.
>
> Ticket: https://fedorahosted.org/freeipa/ticket/4143
> Patches attached.
I think the validation should be more strict. IPv4 reverse zones should
allow slash only in the label for the last octet (i.e. 0/25.1.168.192 is
valid, 0.1/25.168.192 is not). IPv6 reverse zones should not allow slash
at all.
+def _cname_hostname_validator(ugettext, value):
Can you name this _bind_cname_hostname_validator, so that it is clear it
is related to _bind_hostname_validator?
+ #classless reverse zones can contain slash '/'
+ if not zone_is_reverse(normalized_zone) and
(normalized_zone.count('/') > 0):
+ raise errors.ValidationError(name='name',
+ error=_("Only reverse zones can contain '/' in
labels"))
This should be handled in _domain_name_validator. Validation in
pre_callback should be done only when the validation depends on values
of multiple parameters, which is not this case.
+ def _reverse_zone_pre_callback(self, ldap, dn, entry_attrs, *keys,
**options):
Rename this to _idnsname_pre_callback and you won't have to call it
explicitly in run_precallback_validators.
+ if addr.count('/') > 0:
I think "if '/' in addr:" would be better.
-def validate_dns_label(dns_label, allow_underscore=False):
+def validate_dns_label(dns_label, allow_underscore=False,
allow_slash=False):
IMO instead of adding a new boolean argument, it would be nicer to
replace allow_underscore with an argument (e.g. allowed_chars) which
takes a string of extra allowed characters.
Honza
--
Jan Cholasta
More information about the Freeipa-devel
mailing list