[Freeipa-devel] [PATCH 0107-0108] Fix DNS wildcard validation

Petr Spacek pspacek at redhat.com
Fri Sep 5 10:21:38 UTC 2014


On 3.9.2014 14:40, Martin Basti wrote:
> On 02/09/14 17:33, Petr Spacek wrote:
>> On 21.8.2014 10:58, Martin Basti wrote:
>>> On 21/08/14 08:43, Petr Spacek wrote:
>>>> On 20.8.2014 17:37, Martin Basti wrote:
>>>>> +        # dissallowed wildcard (RFC 4592)
>>>>> +        no_wildcard_rtypes = ['CNAME', 'DNAME', 'DS', 'NS']
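Review bot: The comment on the first added line misspells "disallowed" and cites RFC 4592 without a section number. Naming the relevant section next to each entry of no_wildcard_rtypes would let a reader check every record type against the RFC. That matters here because 'CNAME' is in the list, while the error message quoted later in this thread names only DNAME, DS and NS.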
>>>> NACK
>>>>
>>>> http://tools.ietf.org/html/rfc4592#section-4.3 doesn't forbid CNAME with
>>>> wildcard owner name. This subsection is just a "note" for implementers
>>>> about proper wildcard handling.
>>>>
>>>> Sorry :-)
>>>>
>>> Thank you!
>>>
>>> Updated patches attached.
>>>
>>
>> # ipa dnsrecord-add  ipa.example. '*' --ns-rec='ns'
>> ipa: ERROR: invalid 'idnsname': owner of DNAME, DS, NS records should not be
>> a wildcard domain name (RFC 4592)
>>
>> It would be nice to have a more specific reference to the RFC: 'RFC 4592 section 4'.
>>
>> CondACK: It can be pushed if you amend the error message.
>>
> Updated patch attached.
> Please push to branches: ipa 4.0.x, 4.1, master

The error message seems okay, it can be pushed.

-- 
Petr^2 Spacek



