diff options
| author | Alex Monk <krenair@gmail.com> | 2016-08-04 02:15:18 +0100 |
|---|---|---|
| committer | Graham Hayes <graham.hayes@hpe.com> | 2016-09-21 17:30:33 +0000 |
| commit | 7a3de8cd13da7b2358db2ad9a078a60f12d7b631 (patch) | |
| tree | e5f63cd75da85ae73a9e5108d67ff30620b38eb7 | |
| parent | 19fec582ca7e4060f6e4f2f93c53492a0b9e6820 (diff) | |
| download | designate-7a3de8cd13da7b2358db2ad9a078a60f12d7b631.tar.gz | |
Fix SSHFP validation for ECDSA, ED25519, and SHA256
ECDSA algorithm: RFC6594 - https://tools.ietf.org/html/rfc6594
ED25519 algorithm: RFC7479 - https://tools.ietf.org/html/rfc7479
Fingerprint type SHA-256: RFC6594 - https://tools.ietf.org/html/rfc6594
https://www.iana.org/assignments/dns-sshfp-rr-parameters/dns-sshfp-rr-parameters.txt
Based on regex from designate-dashboard
Change-Id: I670c90032beb7403c01751fa1be81c0e906d37f4
(cherry picked from commit 028c9bf1e935549d1fd8d61096bce2612177becc)
| -rw-r--r-- | designate/objects/rrdata_sshfp.py | 4 | ||||
| -rw-r--r-- | designate/schema/format.py | 2 | ||||
| -rw-r--r-- | designate/tests/test_schema/test_format.py | 1 |
3 files changed, 4 insertions, 3 deletions
diff --git a/designate/objects/rrdata_sshfp.py b/designate/objects/rrdata_sshfp.py index 177339a0..0d1961f4 100644 --- a/designate/objects/rrdata_sshfp.py +++ b/designate/objects/rrdata_sshfp.py @@ -26,7 +26,7 @@ class SSHFP(Record): 'schema': { 'type': 'integer', 'minimum': 0, - 'maximum': 2 + 'maximum': 4 }, 'required': True }, @@ -34,7 +34,7 @@ class SSHFP(Record): 'schema': { 'type': 'integer', 'minimum': 0, - 'maximum': 1 + 'maximum': 2 }, 'required': True }, diff --git a/designate/schema/format.py b/designate/schema/format.py index 12839464..fd524331 100644 --- a/designate/schema/format.py +++ b/designate/schema/format.py @@ -49,7 +49,7 @@ RE_FIP_ID = r'^(?P<region>[A-Za-z0-9\.\-_]{1,100}):' \ r'(?P<id>[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-' \ r'[0-9a-fA-F]{4}-[0-9a-fA-F]{12})\Z' -RE_SSHFP_FINGERPRINT = r'^[0-9A-Fa-f]{40}\Z' +RE_SSHFP_FINGERPRINT = r'^([0-9A-Fa-f]{10,40}|[0-9A-Fa-f]{64})\Z' draft3_format_checker = jsonschema.draft3_format_checker diff --git a/designate/tests/test_schema/test_format.py b/designate/tests/test_schema/test_format.py index 4a8e3b6d..7b37c65c 100644 --- a/designate/tests/test_schema/test_format.py +++ b/designate/tests/test_schema/test_format.py @@ -391,6 +391,7 @@ class SchemaFormatTest(TestCase): def test_is_sshfp(self): valid_sshfps = [ '72d30d211ce8c464de2811e534de23b9be9b4dc4', + '7f3f61e323a7d75de08a2a6069b333e925cae260f4902017194002f226db8658', ] invalid_sshfps = [ |