[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Freeipa-devel] [PATCHES] 0022-0023 [RFE] DNS - IDN support



On 6.12.2013 14:48, Martin Basti wrote:
Hello,

patches here contain a *draft* of IDN support for IPA DNS.

Overview:
1) IND domains stored in LDAP are punycoded(A-labels)
2) now domain can contains almost everything
3) domains have to be normalized (AD requires normalized domains too).
Example:  groƟ => gross
4) --raw option shows domains punycoded
5) without --raw option domains are showed in Unicode(U-labels, human
readable form)
6) It works only in DNS module, rest of IPA is still without IDN
7) IDN domains are not added into realmdomains

TODO:
1) bug in dnspython can cause improper conversion with escaped
characters:  https://github.com/rthalley/dnspython/issues/46
2) discuss if validators should be more strict (only letters
allowed, ...)
3) fix parts of code where domains are showed in punycode - error
messages, exceptions
4) cleanup unused code

TESTS:
1) 3 failures: caused by TODO 3)
2) expected value: 'value' should be in Unicode(U-labels), instead of
punycode (part of TODO 3) )


I did a quick look at the patch and it is a little bit beefier than I would expect. Instead of doing excessive amounts of punycode encoding/decoding when a value is received from/about to be send to the client, I would instead encode right before LDAP add/mod and decode right after LDAP search.

Honza

--
Jan Cholasta


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]