[Freeipa-devel] [PATCH 0029-0046, 0047] Internationalized domain names in DNS plugin
Martin Basti
mbasti at redhat.com
Mon Jun 2 15:09:07 UTC 2014
On Mon, 2014-06-02 at 16:21 +0200, Jan Cholasta wrote:
> On 2.6.2014 13:50, Martin Basti wrote:
> > Rebased patches attached
> >
>
> I got this test failure:
>
> ======================================================================
> ERROR: test suite for <class
> 'ipatests.test_xmlrpc.test_dns_plugin.test_dns'>
> ----------------------------------------------------------------------
> Traceback (most recent call last):
> File "/usr/lib/python2.7/site-packages/nose/suite.py", line 208, in run
> self.setUp()
> File "/usr/lib/python2.7/site-packages/nose/suite.py", line 291, in setUp
> self.setupContext(ancestor)
> File "/usr/lib/python2.7/site-packages/nose/suite.py", line 314, in
> setupContext
> try_run(context, names)
> File "/usr/lib/python2.7/site-packages/nose/util.py", line 469, in
> try_run
> return func()
> File
> "/usr/lib/python2.7/site-packages/ipatests/test_xmlrpc/test_dns_plugin.py",
> line 214, in setUpClass
> force = True,
> File "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 436,
> in __call__
> ret = self.run(*args, **options)
> File "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 758,
> in run
> return self.forward(*args, **options)
> File "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 779,
> in forward
> return self.Backend.rpcclient.forward(self.name, *args, **kw)
> File "/usr/lib/python2.7/site-packages/ipalib/rpc.py", line 876, in
> forward
> return self._call_command(command, params)
> File "/usr/lib/python2.7/site-packages/ipalib/rpc.py", line 853, in
> _call_command
> return command(*params)
> File "/usr/lib/python2.7/site-packages/ipalib/rpc.py", line 993, in _call
> return self.__request(name, args)
> File "/usr/lib/python2.7/site-packages/ipalib/rpc.py", line 987, in
> __request
> raise error_class(message=error['message'])
> DNSDataMismatch: DNS check failed: Expected {_kerberos.dnszone.test.
> 86400 IN TXT "IDM.LAB.BOS.REDHAT.COM"} got {None}
This is caused by wait_for_dns option. Try to set larger time limit, at
least 10sec.
>
> Patch 31:
>
> + #compare if IDN normalized and original domain match
> + #there is N:1 mapping between unicode and IDNA names
> + #user should use normalized names to avoid mistakes
> + normalized_domain_name = encodings.idna.nameprep(value)
> + if value != normalized_domain_name:
> + error = _("domain name '%(domain)s' and normalized
> domain name"
> + " '%(normalized)s' do not match. Please use only"
> + " normalized domains") % {'domain': value,
> + 'normalized': normalized_domain_name}
>
> I thought we decided to drop this check, because of IDNA 2008?
We decided not to change IDNA2003 to 2008, because registrators are more
strictly than both of the RFC standards, and this is part of 2003 which
makes it safer, and in some way more compatible with 2008 (like only
small caps, etc)
But German registrator allows only IDNA2008, Switzerland allows only
IDNA2003, so we have problem with 'ß' character, because it is encoded
differently.
For the IDNA2008, we need extra library out of standard python libs.
So we should support both, or use pure punycode algorithm to
encode/decode, because it has no limitation instead of IDNA standard.
I propose to file a new ticket.
>
> Patch 38:
>
> It seems you left out the normalize_zonemgr and normalize_zone
> modifications I have suggested. Is there a reason for this?
>
I left there original code, which works with strings.
I dont use normalize_zone in DNS plugin anymore. So it would be better
to work only with string, no conversion string to object and back to
string.
Should I modify normalize_zonemgr then? Old version works good, and code
will be little longer than your example.
--
Martin^2 Basti
More information about the Freeipa-devel
mailing list