On Wed, 2012-02-29 at 10:56 +0100, Petr Viktorin wrote: > On 02/15/2012 12:57 PM, Martin Kosek wrote: > > On Wed, 2012-02-15 at 11:20 +0100, Petr Viktorin wrote: > >> This fixes https://fedorahosted.org/freeipa/ticket/2379 by using > >> inet_pton instead of inet_aton. > >> > > > > Yeah, this would fix the stricter checking. I planed to improve A/AAAA > > validation in a scope of this ticket, I plan to use CheckedIPAddress to > > be more consistent with the rest of the plugin. I made the change you > > just did in CheckedIPAddress already. > > > > My point is that we may want to be even stricter and forbid for example > > broadcast or multicast addresses to be placed to A/AAAA records. > > > > Martin > > > > That was a NACK; Martin wanted to this himself. >
I changed my mind, this approach is OK for now. Rejecting any multicast or broadcast addresses may be too restrictive, I would rather just follow the relevant RFC and just check the A record syntax in this case. Thus, your approach is sufficient. ACK. Pushed to master, ipa-2-2. Martin _______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel