Due to compability with older versions, only IDNA domains should be
checked
Patch attached.
--
Martin^2 Basti
>From fd329148639ce5b5707f37d1b450597f3ca4bcb7 Mon Sep 17 00:00:00 2001
From: Martin Basti <mba...@redhat.com>
Date: Wed, 18 Jun 2014 15:58:17 +0200
Subject: [PATCH] Check normalization only for IDNA domains
Backward compability with older IPA versions which allow to use uppper
case. Only IDNA domains will be checked.
---
ipalib/parameters.py | 24 ++++++++++++++----------
ipatests/test_xmlrpc/test_dns_plugin.py | 4 ++--
2 files changed, 16 insertions(+), 12 deletions(-)
diff --git a/ipalib/parameters.py b/ipalib/parameters.py
index 1dff13cc1371c26208cacd8a7cbaf44634622e4a..ffd20fddae4257c51297f0221231aa2cadad9d58 100644
--- a/ipalib/parameters.py
+++ b/ipalib/parameters.py
@@ -1961,16 +1961,20 @@ class DNSNameParam(Param):
error = _('DNS label cannot be longer than 63 characters')
except dns.exception.SyntaxError:
error = _('invalid domain name')
-
- #compare if IDN normalized and original domain match
- #there is N:1 mapping between unicode and IDNA names
- #user should use normalized names to avoid mistakes
- normalized_domain_name = encodings.idna.nameprep(value)
- if value != normalized_domain_name:
- error = _("domain name '%(domain)s' and normalized domain name"
- " '%(normalized)s' do not match. Please use only"
- " normalized domains") % {'domain': value,
- 'normalized': normalized_domain_name}
+ else:
+ if domain_name.is_idn() or u'\xdf' in value:
+ #compare if IDN normalized and original domain match
+ #there is N:1 mapping between unicode and IDNA names
+ #user should use normalized names to avoid mistakes
+ # u'\xdf' is special case, german 'eszett' character, which
+ # is mapped to 'ss'
+ normalized_domain_name = encodings.idna.nameprep(value)
+ if value != normalized_domain_name:
+ error = _("domain name '%(domain)s' and normalized "
+ "domain name '%(normalized)s' do not match. "
+ "Please use only normalized IDNA domains") % {
+ 'domain': value,
+ 'normalized': normalized_domain_name}
if error:
raise ConversionError(name=self.get_param_name(), index=index,
error=error)
diff --git a/ipatests/test_xmlrpc/test_dns_plugin.py b/ipatests/test_xmlrpc/test_dns_plugin.py
index dd105990f0da2c7aa88c64d7fdc6b9be7b7f8885..9a09e33ff6296da7c60ea91525ddb2209c56ca2e 100644
--- a/ipatests/test_xmlrpc/test_dns_plugin.py
+++ b/ipatests/test_xmlrpc/test_dns_plugin.py
@@ -2432,11 +2432,11 @@ class test_dns(Declarative):
dict(
- desc='Add A denormalized record to %r in zone %r' % (idnres1, idnzone1),
+ desc='Add A denormalized record in zone %r' % (idnzone1),
command=('dnsrecord_add', [idnzone1, u'gro\xdf'], {'arecord': u'172.16.0.1'}),
expected=errors.ConversionError(name='name',
error=u'domain name \'gro\xdf\' and normalized domain name \'gross\''
- + ' do not match. Please use only normalized domains'),
+ + ' do not match. Please use only normalized IDNA domains'),
),
--
1.8.3.1
_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
