[Freeipa-devel] [PATCH 0107-0108] Fix DNS wildcard validation
Petr Spacek
pspacek at redhat.com
Tue Sep 2 15:33:46 UTC 2014
On 21.8.2014 10:58, Martin Basti wrote:
> On 21/08/14 08:43, Petr Spacek wrote:
>> On 20.8.2014 17:37, Martin Basti wrote:
>>> + # dissallowed wildcard (RFC 4592)
>>> + no_wildcard_rtypes = ['CNAME', 'DNAME', 'DS', 'NS']
>> NACK
>>
>> http://tools.ietf.org/html/rfc4592#section-4.3 doesn't forbid CNAME with
>> wildcard owner name. This subsection is is just a "note" for implementers
>> about proper wildcard handling.
>>
>> Sorry :-)
>>
> Thank you!
>
> Updated patches attached.
>
# ipa dnsrecord-add ipa.example. '*' --ns-rec='ns'
ipa: ERROR: invalid 'idnsname': owner of DNAME, DS, NS records should not be a
wildcard domain name (RFC 4592)
It would be nice to have more specific reference to RFC: 'RFC 4592 section 4'.
CondACK: It can be pushed if you amend the error message.
--
Petr^2 Spacek
More information about the Freeipa-devel
mailing list