[Freeipa-devel] [PATCHES 0084-0086] NSEC3PARAM DNS record should be in DNS zone settings
Petr Vobornik
pvoborni at redhat.com
Wed Jul 2 08:49:19 UTC 2014
On 1.7.2014 15:15, Martin Basti wrote:
> On Tue, 2014-07-01 at 14:24 +0200, Martin Basti wrote:
>> Ticket: https://fedorahosted.org/freeipa/ticket/4413
>> Patches attached
>
> Rebased patches attached
>
Besides #1, mostly minor stuff.
1. The regex r'^\d+ \d+ \d+ ([0-9a-fA-F]+|-)$' should be extended to
validate even number of hex chars, e.g.:
"^\d+ \d+ \d+ ((([0-9a-fA-F]{2})+)|-)$"
Should be then also reflected in _nsec3param_errmsg
This change will make Web UI more usable.
2. abbreviation 'alg' in 'hash_alg' is not so common as, for example,
'arg'. Full 'hash_algorithm' is more clear, there is enough space.
+ doc=_('NSEC3PARAM record for zone in format: hash_alg flags
iterations salt'),
3. I think we should rather catch TypeError
+ try:
+ binascii.a2b_hex(salt)
+ except Exception, e:
+ return _('salt value: %(err)s') % {'err': e}
4. Extra empty line
+ pattern_errmsg=_nsec3param_errmsg,
+
+ ),
Unrelated:
5. IMO framework should be extended to support translations in
`pattern_errmsg`
--
Petr Vobornik
More information about the Freeipa-devel
mailing list