On 02/18/2013 12:47 PM, Sumit Bose wrote:
> On Mon, Feb 18, 2013 at 12:27:35PM +0100, Petr Spacek wrote:
>> On 15.2.2013 15:22, Ana Krivokapic wrote:
>>> Hello,
>>> The .isalpha() check in validate_domain_name() was too strict,
>>> causing some commands like ipa dnsrecord-add to fail.
>>> https://fedorahosted.org/freeipa/ticket/3385
>> I would add --force option rather than removing whole check, if it's 
>> possible.
>> Would it be possible to mention RFC in the error message? Something
>> like _('top level domain label must be alphabetic (RFC 1123 section
>> 2.1)')
>> ?
>> IMHO it is handy, because it educates users.
> The problem is that this check is always done on the last component of
> the domain_name even if it is just a sub-domain of the FreeIPA domain,
> where e.g. numbers are valid characters.
> At the beginning of validate_domain_name() a trailing '.' is stripped
> away. iirc the trailing '.' is an indication for a complete, fully
> qualified name. Would it work if the presence of the trailing '.' is
> saved and the check is only done if there was a '.'?
> bye,
> Sumit

Sure. Though I am now not 100% sure that some IPA functions do not use this
validator with a fqdn hostname without trailing dot. If not, I am for fixing
this function as Sumit and Petr suggested.


Freeipa-devel mailing list

Reply via email to