subject:"\[Freeipa\-devel\] \[PATCH\] 061 Validate NAPTR records"

Re: [Freeipa-devel] [PATCH] 061 Validate NAPTR records

2011-02-22 Thread Jakub Hrozek

On Mon, Feb 21, 2011 at 01:18:07PM -0500, Rob Crittenden wrote:
 Jakub Hrozek wrote:
 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA1
 
 I'm not sure about checking the flags - this might be a little too much
 validation.
 
 https://fedorahosted.org/freeipa/ticket/840
 
 I think the flags length check needs to change. I would do this instead:
 
 flags = flags.replace('','')
 
 Otherwise someone might try to pass in the flags 'SAU' and all that
 would get set is A.
 
 rob

OK, that's much better. New patch attached.
From aaeb347cfa015783606058a29b2009cf6306d578 Mon Sep 17 00:00:00 2001
From: Jakub Hrozek jhro...@redhat.com
Date: Fri, 18 Feb 2011 11:00:36 +0100
Subject: [PATCH] Validate NAPTR records

https://fedorahosted.org/freeipa/ticket/840
---
 API.txt   |8 
 ipalib/plugins/dns.py |   26 ++
 2 files changed, 30 insertions(+), 4 deletions(-)

diff --git a/API.txt b/API.txt
index b7ea174..56cbb8b 100644
--- a/API.txt
+++ b/API.txt
@@ -515,7 +515,7 @@ option: List('keyrecord?', attribute=True, 
cli_name='key_rec',ist('keyrecord?',
 option: List('kxrecord?', attribute=True, cli_name='kx_rec',ist('kxrecord?', 
attribute=True, cli_name='kx_rec', doc='comma-separated list of KX records', 
label='KX record', multivalue=True)
 option: List('locrecord?', attribute=True, 
cli_name='loc_rec',ist('locrecord?', attribute=True, cli_name='loc_rec', 
doc='comma-separated list of LOC records', label='LOC record', multivalue=True)
 option: List('mxrecord?', _validate_mx, attribute=True, 
cli_name='mx_rec',ist('mxrecord?', _validate_mx, attribute=True, 
cli_name='mx_rec', doc='comma-separated list of MX records', label='MX record', 
multivalue=True)
-option: List('naptrrecord?', attribute=True, 
cli_name='naptr_rec',ist('naptrrecord?', attribute=True, cli_name='naptr_rec', 
doc='comma-separated list of NAPTR records', label='NAPTR record', 
multivalue=True)
+option: List('naptrrecord?', _validate_naptr, attribute=True, 
cli_name='naptr_rec',ist('naptrrecord?', _validate_naptr, attribute=True, 
cli_name='naptr_rec', doc='comma-separated list of NAPTR records', label='NAPTR 
record', multivalue=True)
 option: List('nsrecord?', attribute=True, cli_name='ns_rec',ist('nsrecord?', 
attribute=True, cli_name='ns_rec', doc='comma-separated list of NS records', 
label='NS record', multivalue=True)
 option: List('nsecrecord?', attribute=True, 
cli_name='nsec_rec',ist('nsecrecord?', attribute=True, cli_name='nsec_rec', 
doc='comma-separated list of NSEC records', label='NSEC record', 
multivalue=True)
 option: List('nsec3record?', attribute=True, 
cli_name='nsec3_rec',ist('nsec3record?', attribute=True, cli_name='nsec3_rec', 
doc='comma-separated list of NSEC3 records', label='NSEC3 record', 
multivalue=True)
@@ -559,7 +559,7 @@ option: List('keyrecord?', attribute=True, 
cli_name='key_rec',ist('keyrecord?',
 option: List('kxrecord?', attribute=True, cli_name='kx_rec',ist('kxrecord?', 
attribute=True, cli_name='kx_rec', doc='comma-separated list of KX records', 
label='KX record', multivalue=True)
 option: List('locrecord?', attribute=True, 
cli_name='loc_rec',ist('locrecord?', attribute=True, cli_name='loc_rec', 
doc='comma-separated list of LOC records', label='LOC record', multivalue=True)
 option: List('mxrecord?', _validate_mx, attribute=True, 
cli_name='mx_rec',ist('mxrecord?', _validate_mx, attribute=True, 
cli_name='mx_rec', doc='comma-separated list of MX records', label='MX record', 
multivalue=True)
-option: List('naptrrecord?', attribute=True, 
cli_name='naptr_rec',ist('naptrrecord?', attribute=True, cli_name='naptr_rec', 
doc='comma-separated list of NAPTR records', label='NAPTR record', 
multivalue=True)
+option: List('naptrrecord?', _validate_naptr, attribute=True, 
cli_name='naptr_rec',ist('naptrrecord?', _validate_naptr, attribute=True, 
cli_name='naptr_rec', doc='comma-separated list of NAPTR records', label='NAPTR 
record', multivalue=True)
 option: List('nsrecord?', attribute=True, cli_name='ns_rec',ist('nsrecord?', 
attribute=True, cli_name='ns_rec', doc='comma-separated list of NS records', 
label='NS record', multivalue=True)
 option: List('nsecrecord?', attribute=True, 
cli_name='nsec_rec',ist('nsecrecord?', attribute=True, cli_name='nsec_rec', 
doc='comma-separated list of NSEC records', label='NSEC record', 
multivalue=True)
 option: List('nsec3record?', attribute=True, 
cli_name='nsec3_rec',ist('nsec3record?', attribute=True, cli_name='nsec3_rec', 
doc='comma-separated list of NSEC3 records', label='NSEC3 record', 
multivalue=True)
@@ -604,7 +604,7 @@ option: List('keyrecord?', attribute=True, 
cli_name='key_rec',ist('keyrecord?',
 option: List('kxrecord?', attribute=True, cli_name='kx_rec',ist('kxrecord?', 
attribute=True, cli_name='kx_rec', doc='comma-separated list of KX records', 
label='KX record', multivalue=True)
 option: List('locrecord?', attribute=True, 
cli_name='loc_rec',ist('locrecord?', attribute=True, cli_name='loc_rec', 
doc='comma-separated

Re: [Freeipa-devel] [PATCH] 061 Validate NAPTR records

2011-02-22 Thread Rob Crittenden


Jakub Hrozek wrote:

On Mon, Feb 21, 2011 at 01:18:07PM -0500, Rob Crittenden wrote:

Jakub Hrozek wrote:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

I'm not sure about checking the flags - this might be a little too much
validation.

https://fedorahosted.org/freeipa/ticket/840


I think the flags length check needs to change. I would do this instead:

flags = flags.replace('','')

Otherwise someone might try to pass in the flags 'SAU' and all that
would get set is A.

rob


OK, that's much better. New patch attached.


ack, pushed to master

___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH] 061 Validate NAPTR records

2011-02-21 Thread Rob Crittenden


Jakub Hrozek wrote:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

I'm not sure about checking the flags - this might be a little too much
validation.

https://fedorahosted.org/freeipa/ticket/840


I think the flags length check needs to change. I would do this instead:

flags = flags.replace('','')

Otherwise someone might try to pass in the flags 'SAU' and all that 
would get set is A.


rob

___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

[Freeipa-devel] [PATCH] 061 Validate NAPTR records

2011-02-18 Thread Jakub Hrozek

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

I'm not sure about checking the flags - this might be a little too much
validation.

https://fedorahosted.org/freeipa/ticket/840
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iEYEARECAAYFAk1eY7MACgkQHsardTLnvCUDvwCgipqeB9MLUJqm/LZnVhlmAxRi
rQ8AnjzZLU41MqL8lahQhWUEFJurtvBI
=7rSZ
-END PGP SIGNATURE-
From a0fa22d28602d09c9cb8358a9ef7876e3029b171 Mon Sep 17 00:00:00 2001
From: Jakub Hrozek jhro...@redhat.com
Date: Fri, 18 Feb 2011 11:00:36 +0100
Subject: [PATCH] Validate NAPTR records

https://fedorahosted.org/freeipa/ticket/840
---
 API.txt   |8 
 ipalib/plugins/dns.py |   26 ++
 2 files changed, 30 insertions(+), 4 deletions(-)

diff --git a/API.txt b/API.txt
index 1f956ec..91b33c1 100644
--- a/API.txt
+++ b/API.txt
@@ -515,7 +515,7 @@ option: List('keyrecord?', attribute=True, cli_name='key_rec',ist('keyrecord?',
 option: List('kxrecord?', attribute=True, cli_name='kx_rec',ist('kxrecord?', attribute=True, cli_name='kx_rec', doc='comma-separated list of KX records', label='KX record', multivalue=True)
 option: List('locrecord?', attribute=True, cli_name='loc_rec',ist('locrecord?', attribute=True, cli_name='loc_rec', doc='comma-separated list of LOC records', label='LOC record', multivalue=True)
 option: List('mxrecord?', _validate_mx, attribute=True, cli_name='mx_rec',ist('mxrecord?', _validate_mx, attribute=True, cli_name='mx_rec', doc='comma-separated list of MX records', label='MX record', multivalue=True)
-option: List('naptrrecord?', attribute=True, cli_name='naptr_rec',ist('naptrrecord?', attribute=True, cli_name='naptr_rec', doc='comma-separated list of NAPTR records', label='NAPTR record', multivalue=True)
+option: List('naptrrecord?', _validate_naptr, attribute=True, cli_name='naptr_rec',ist('naptrrecord?', _validate_naptr, attribute=True, cli_name='naptr_rec', doc='comma-separated list of NAPTR records', label='NAPTR record', multivalue=True)
 option: List('nsrecord?', attribute=True, cli_name='ns_rec',ist('nsrecord?', attribute=True, cli_name='ns_rec', doc='comma-separated list of NS records', label='NS record', multivalue=True)
 option: List('nsecrecord?', attribute=True, cli_name='nsec_rec',ist('nsecrecord?', attribute=True, cli_name='nsec_rec', doc='comma-separated list of NSEC records', label='NSEC record', multivalue=True)
 option: List('nsec3record?', attribute=True, cli_name='nsec3_rec',ist('nsec3record?', attribute=True, cli_name='nsec3_rec', doc='comma-separated list of NSEC3 records', label='NSEC3 record', multivalue=True)
@@ -559,7 +559,7 @@ option: List('keyrecord?', attribute=True, cli_name='key_rec',ist('keyrecord?',
 option: List('kxrecord?', attribute=True, cli_name='kx_rec',ist('kxrecord?', attribute=True, cli_name='kx_rec', doc='comma-separated list of KX records', label='KX record', multivalue=True)
 option: List('locrecord?', attribute=True, cli_name='loc_rec',ist('locrecord?', attribute=True, cli_name='loc_rec', doc='comma-separated list of LOC records', label='LOC record', multivalue=True)
 option: List('mxrecord?', _validate_mx, attribute=True, cli_name='mx_rec',ist('mxrecord?', _validate_mx, attribute=True, cli_name='mx_rec', doc='comma-separated list of MX records', label='MX record', multivalue=True)
-option: List('naptrrecord?', attribute=True, cli_name='naptr_rec',ist('naptrrecord?', attribute=True, cli_name='naptr_rec', doc='comma-separated list of NAPTR records', label='NAPTR record', multivalue=True)
+option: List('naptrrecord?', _validate_naptr, attribute=True, cli_name='naptr_rec',ist('naptrrecord?', _validate_naptr, attribute=True, cli_name='naptr_rec', doc='comma-separated list of NAPTR records', label='NAPTR record', multivalue=True)
 option: List('nsrecord?', attribute=True, cli_name='ns_rec',ist('nsrecord?', attribute=True, cli_name='ns_rec', doc='comma-separated list of NS records', label='NS record', multivalue=True)
 option: List('nsecrecord?', attribute=True, cli_name='nsec_rec',ist('nsecrecord?', attribute=True, cli_name='nsec_rec', doc='comma-separated list of NSEC records', label='NSEC record', multivalue=True)
 option: List('nsec3record?', attribute=True, cli_name='nsec3_rec',ist('nsec3record?', attribute=True, cli_name='nsec3_rec', doc='comma-separated list of NSEC3 records', label='NSEC3 record', multivalue=True)
@@ -604,7 +604,7 @@ option: List('keyrecord?', attribute=True, cli_name='key_rec',ist('keyrecord?',
 option: List('kxrecord?', attribute=True, cli_name='kx_rec',ist('kxrecord?', attribute=True, cli_name='kx_rec', doc='comma-separated list of KX records', label='KX record', multivalue=True)
 option: List('locrecord?', attribute=True, cli_name='loc_rec',ist('locrecord?', attribute=True, cli_name='loc_rec', doc='comma-separated list of LOC records', label='LOC record', multivalue=True)
 option: List('mxrecord?', _validate_mx, attribute=True,

Re: [Freeipa-devel] [PATCH] 061 Validate NAPTR records

Re: [Freeipa-devel] [PATCH] 061 Validate NAPTR records

Re: [Freeipa-devel] [PATCH] 061 Validate NAPTR records

[Freeipa-devel] [PATCH] 061 Validate NAPTR records

4 matches

Site Navigation

Mail list logo

Footer information