Bug 1108233 - [RFE] ipa dnsrecord-add should allow internationalized names
Summary: [RFE] ipa dnsrecord-add should allow internationalized names
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: ipa
Version: 7.1
Hardware: Unspecified
OS: Unspecified
medium
unspecified
Target Milestone: rc
: ---
Assignee: Martin Kosek
QA Contact: Namita Soman
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2014-06-11 14:58 UTC by Martin Kosek
Modified: 2015-03-05 10:12 UTC (History)
3 users (show)

Fixed In Version: ipa-4.0.3-1.el7
Doc Type: Enhancement
Doc Text:
Clone Of:
Environment:
Last Closed: 2015-03-05 10:12:16 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2015:0442 0 normal SHIPPED_LIVE Moderate: ipa security, bug fix, and enhancement update 2015-03-05 14:50:39 UTC

Description Martin Kosek 2014-06-11 14:58:38 UTC
This bug is created as a clone of upstream ticket:
https://fedorahosted.org/freeipa/ticket/3169

ipa dnsrecord-add does not allow to create internationalized names

Both utf8 and punycode names are refused.

Tested with:
ätest
and the equivalent punycode:
xn--test-koa

Both are currently refused.
I suspect the latter is just a mistake in validating names because -- is not an invalid combination.
However we should accept the former and simply internally convert from utf8 to punycode before storing the record.

Comment 1 Martin Kosek 2014-06-11 15:23:32 UTC
This request is already fixed in upstream FreeIPA project. Please refer to the linked ticket for additional details and related commits.

Comment 5 Namita Soman 2015-01-14 14:04:54 UTC
Verified using:
bind-dyndb-ldap-6.0-2.el7.x86_64
ipa-server-4.1.0-13.el7.x86_64


# ipa dnszone-add "kůň.cz" 
  Zone name: kůň.cz.
  Active zone: TRUE
  Authoritative nameserver: hp-dl380pgen8-02-vm-5.testrelm.test.
  Administrator e-mail address: hostmaster
  SOA serial: 1421244075
  SOA refresh: 3600
  SOA retry: 900
  SOA expire: 1209600
  SOA minimum: 3600
  BIND update policy: grant TESTRELM.TEST krb5-self * A; grant TESTRELM.TEST krb5-self * AAAA; grant TESTRELM.TEST
                      krb5-self * SSHFP;
  Dynamic update: FALSE
  Allow query: any;
  Allow transfer: none;


# ipa dnsrecord-add kůň.cz žluťoučký --a-rec 192.0.2.2
  Record name: žluťoučký
  A record: 192.0.2.2


# host žluťoučký.kůň.cz
žluťoučký.kůň.cz has address 192.0.2.2


# ipa dnsrecord-find "kůň.cz"
  Record name: @
  NS record: hp-dl380pgen8-02-vm-5.testrelm.test.

  Record name: žluťoučký
  A record: 192.0.2.2
----------------------------
Number of entries returned 2
----------------------------


# ipa dnszone-show "kůň.cz" --all
  dn: idnsname=xn--k-qla0j.cz.,cn=dns,dc=testrelm,dc=test
  Zone name: kůň.cz.
  Active zone: TRUE
  Authoritative nameserver: hp-dl380pgen8-02-vm-5.testrelm.test.
  Administrator e-mail address: hostmaster
  SOA serial: 1421244094
  SOA refresh: 3600
  SOA retry: 900
  SOA expire: 1209600
  SOA minimum: 3600
  BIND update policy: grant TESTRELM.TEST krb5-self * A; grant TESTRELM.TEST krb5-self * AAAA; grant TESTRELM.TEST
                      krb5-self * SSHFP;
  Dynamic update: FALSE
  Allow query: any;
  Allow transfer: none;
  nsrecord: hp-dl380pgen8-02-vm-5.testrelm.test.
  objectclass: idnszone, top, idnsrecord

Comment 7 errata-xmlrpc 2015-03-05 10:12:16 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHSA-2015-0442.html


Note You need to log in before you can comment on or make changes to this bug.