Ticket: https://fedorahosted.org/freeipa/ticket/4771
Patch attached.
--
Martin Basti
From 66cafd74e9cf69630f882e6a23e1ebab11b0c096 Mon Sep 17 00:00:00 2001
From: Martin Basti mba...@redhat.com
Date: Thu, 27 Nov 2014 14:16:23 +0100
Subject: [PATCH] Throw zonemgr error message before installation proceeds
Ticket: https://fedorahosted.org/freeipa/ticket/4771
---
ipalib/parameters.py | 35 +--
ipalib/util.py | 45 +
2 files changed, 50 insertions(+), 30 deletions(-)
diff --git a/ipalib/parameters.py b/ipalib/parameters.py
index 0cf14a4cd2900459ccd5d6d52912960c642223aa..7fa55fd6a6854ffa97da211ca5ef04b7ad974dc4 100644
--- a/ipalib/parameters.py
+++ b/ipalib/parameters.py
@@ -112,7 +112,7 @@ from errors import ConversionError, RequirementError, ValidationError
from errors import PasswordMismatch, Base64DecodeError
from constants import TYPE_ERROR, CALLABLE_ERROR, LDAP_GENERALIZED_TIME_FORMAT
from text import Gettext, FixMe
-from util import json_serialize
+from util import json_serialize, validate_idna_domain
from ipapython.dn import DN
from ipapython.dnsutil import DNSName
import dns.name
@@ -1950,36 +1950,11 @@ class DNSNameParam(Param):
error = None
try:
-domain_name = DNSName(value)
-except dns.name.BadEscape:
-error = _('invalid escape code in domain name')
-except dns.name.EmptyLabel:
-error = _('empty DNS label')
-except dns.name.NameTooLong:
-error = _('domain name cannot be longer than 255 characters')
-except dns.name.LabelTooLong:
-error = _('DNS label cannot be longer than 63 characters')
-except dns.exception.SyntaxError:
-error = _('invalid domain name')
-else:
-#compare if IDN normalized and original domain match
-#there is N:1 mapping between unicode and IDNA names
-#user should use normalized names to avoid mistakes
-labels = re.split(u'[.\uff0e\u3002\uff61]', value, flags=re.UNICODE)
-try:
-map(lambda label: label.encode(ascii), labels)
-except UnicodeError:
-# IDNA
-is_nonnorm = any(encodings.idna.nameprep(x) != x for x in labels)
-if is_nonnorm:
-error = _(domain name '%(domain)s' should be normalized to
- : %(normalized)s) % {
- 'domain': value,
- 'normalized': '.'.join([encodings.idna.nameprep(x) for x in labels])}
-if error:
+validate_idna_domain(value)
+except ValueError as e:
raise ConversionError(name=self.get_param_name(), index=index,
- error=error)
-value = domain_name
+ error=unicode(e))
+value = DNSName(value)
if self.only_absolute and not value.is_absolute():
value = value.make_absolute()
diff --git a/ipalib/util.py b/ipalib/util.py
index 7a283106d70ba6a3e25cc7129d57b44b80876882..2c17d80a0427a5c7e45a6a0b64fa1f4d39fffa8a 100644
--- a/ipalib/util.py
+++ b/ipalib/util.py
@@ -28,6 +28,7 @@ import socket
import re
import decimal
import dns
+import encodings
import netaddr
from types import NoneType
from weakref import WeakKeyDictionary
@@ -277,6 +278,7 @@ def validate_zonemgr(zonemgr):
def validate_zonemgr_str(zonemgr):
zonemgr = normalize_zonemgr(zonemgr)
+validate_idna_domain(zonemgr)
zonemgr = DNSName(zonemgr)
return validate_zonemgr(zonemgr)
@@ -589,3 +591,46 @@ def validate_dnssec_forwarder(ip_addr):
return False
return True
+
+
+def validate_idna_domain(value):
+
+Validate if value is valid IDNA domain.
+
+If domain is not valid, raises ValueError
+:param value:
+:return:
+
+error = None
+
+try:
+DNSName(value)
+except dns.name.BadEscape:
+error = _('invalid escape code in domain name')
+except dns.name.EmptyLabel:
+error = _('empty DNS label')
+except dns.name.NameTooLong:
+error = _('domain name cannot be longer than 255 characters')
+except dns.name.LabelTooLong:
+error = _('DNS label cannot be longer than 63 characters')
+except dns.exception.SyntaxError:
+error = _('invalid domain name')
+else:
+#compare if IDN normalized and original domain match
+#there is N:1 mapping between unicode and IDNA names
+#user should use normalized names to avoid mistakes
+labels = re.split(u'[.\uff0e\u3002\uff61]', value, flags=re.UNICODE)
+try:
+map(lambda label: label.encode(ascii), labels)
+except UnicodeError:
+# IDNA
+