Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1164859
Description of problem: From https://bugzilla.redhat.com/show_bug.cgi?id=817413#c3 a component in a zone name cannot be longer than 63 chars. Tried adding using command: # ipa dnszone-add domain.sixthreemax.12345678901234567890123345678901234567890 123456789012345678901234567890.com Got error: ipa: ERROR: non-public: UnicodeError: label empty or too long Traceback (most recent call last): File "/usr/lib/python2.7/site-packages/ipalib/backend.py", line 129, in execute result = self.Command[_name](*args, **options) File "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 431, in __call__ params.update(self.get_default(**params)) File "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 657, in get_default return dict(self.__get_default_iter(params, kw)) File "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 686, in __get_default_iter kw[param.name] = param(kw[param.name], **kw) File "/usr/lib/python2.7/site-packages/ipalib/parameters.py", line 565, in __call__ value = self.convert(self.normalize(value)) File "/usr/lib/python2.7/site-packages/ipalib/parameters.py", line 797, in convert return self._convert_scalar(value) File "/usr/lib/python2.7/site-packages/ipalib/parameters.py", line 1953, in _convert_scalar domain_name = DNSName(value) File "/usr/lib/python2.7/site-packages/ipapython/dnsutil.py", line 34, in __init__ labels = dns.name.from_unicode(labels, origin).labels File "/usr/lib/python2.7/site-packages/dns/name.py", line 590, in from_unicode labels.append(encodings.idna.ToASCII(label)) File "/usr/lib64/python2.7/encodings/idna.py", line 73, in ToASCII raise UnicodeError("label empty or too long") UnicodeError: label empty or too long ipa: ERROR: an internal error has occurred Version-Release number of selected component (if applicable): ipa-server-4.1.0-6.el7.x86_64 bind-dyndb-ldap-6.0-1.el7.x86_64 How reproducible: always Steps to Reproduce: 1. Add a zone with long name # ipa dnszone-add domain.sixthreemax.12345678901234567890123345678901234567890 123456789012345678901234567890.com Actual results: Got traceback as above Expected results: Should fail gracefully, and not allow this zone to be added Additional info:
I sent patch which fixes the traceback, but currently I'm not able to add more specific description (label too long) because of python-dns implementation
# ipa dnszone-add test.0123456789012345678901234567890123456789012345678901234567890123456789.test ipa: ERROR: invalid 'name': invalid domain name
Pull request to fix python-dns https://github.com/rthalley/dnspython/pull/83
master:
ipa-4-1:
Metadata Update from @pvoborni: - Issue assigned to mbasti - Issue set to the milestone: FreeIPA 4.1.2
Login to comment on this ticket.