On 02/18/2013 12:47 PM, Sumit Bose wrote:
> On Mon, Feb 18, 2013 at 12:27:35PM +0100, Petr Spacek wrote:
>> On 15.2.2013 15:22, Ana Krivokapic wrote:
>>> Hello,
>>>
>>> The .isalpha() check in validate_domain_name() was too strict,
>>> causing some commands like ipa dnsrecord-add to fail.
>>>
>>> https://fedorahosted.org/freeipa/ticket/3385
>>
>> I would add --force option rather than removing whole check, if it's 
>> possible.
>>
>> Would it be possible to mention RFC in the error message? Something
>> like _('top level domain label must be alphabetic (RFC 1123 section
>> 2.1)')
>> ?
>>
>> IMHO it is handy, because it educates users.
> 
> The problem is that this check is always done on the last component of
> the domain_name even if it is just a sub-domain of the FreeIPA domain,
> where e.g. numbers are valid characters.
> 
> At the beginning of validate_domain_name() a trailing '.' is stripped
> away. iirc the trailing '.' is an indication for a complete, fully
> qualified name. Would it work if the presence of the trailing '.' is
> saved and the check is only done if there was a '.'?
> 
> bye,
> Sumit
> 

Sure. Though I am now not 100% sure that some IPA functions do not use this
validator with a fqdn hostname without trailing dot. If not, I am for fixing
this function as Sumit and Petr suggested.

Martin

_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to