[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Freeipa-devel] [PATCHES] 0022-0023 [RFE] DNS - IDN support

On 6.12.2013 14:48, Martin Basti wrote:

patches here contain a *draft* of IDN support for IPA DNS.

1) IND domains stored in LDAP are punycoded(A-labels)
2) now domain can contains almost everything
3) domains have to be normalized (AD requires normalized domains too).
Example:  groƟ => gross
4) --raw option shows domains punycoded
5) without --raw option domains are showed in Unicode(U-labels, human
readable form)
6) It works only in DNS module, rest of IPA is still without IDN
7) IDN domains are not added into realmdomains

1) bug in dnspython can cause improper conversion with escaped
characters:  https://github.com/rthalley/dnspython/issues/46
2) discuss if validators should be more strict (only letters
allowed, ...)
3) fix parts of code where domains are showed in punycode - error
messages, exceptions
4) cleanup unused code

1) 3 failures: caused by TODO 3)
2) expected value: 'value' should be in Unicode(U-labels), instead of
punycode (part of TODO 3) )

I did a quick look at the patch and it is a little bit beefier than I would expect. Instead of doing excessive amounts of punycode encoding/decoding when a value is received from/about to be send to the client, I would instead encode right before LDAP add/mod and decode right after LDAP search.


Jan Cholasta

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]