Fix SSHFP validation for ECDSA, ED25519, and SHA256
ECDSA algorithm: RFC6594 - https://tools.ietf.org/html/rfc6594
ED25519 algorithm: RFC7479 - https://tools.ietf.org/html/rfc7479
Fingerprint type SHA-256: RFC6594 - https://tools.ietf.org/html/rfc6594
https://www.iana.org/assignments/dns-sshfp-rr-parameters/dns-sshfp-rr-parameters.txt
Based on regex from designate-dashboard
Change-Id: I670c90032beb7403c01751fa1be81c0e906d37f4
(cherry picked from commit 028c9bf1e9
)
This commit is contained in:
parent
19fec582ca
commit
7a3de8cd13
@ -26,7 +26,7 @@ class SSHFP(Record):
|
||||
'schema': {
|
||||
'type': 'integer',
|
||||
'minimum': 0,
|
||||
'maximum': 2
|
||||
'maximum': 4
|
||||
},
|
||||
'required': True
|
||||
},
|
||||
@ -34,7 +34,7 @@ class SSHFP(Record):
|
||||
'schema': {
|
||||
'type': 'integer',
|
||||
'minimum': 0,
|
||||
'maximum': 1
|
||||
'maximum': 2
|
||||
},
|
||||
'required': True
|
||||
},
|
||||
|
@ -49,7 +49,7 @@ RE_FIP_ID = r'^(?P<region>[A-Za-z0-9\.\-_]{1,100}):' \
|
||||
r'(?P<id>[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-' \
|
||||
r'[0-9a-fA-F]{4}-[0-9a-fA-F]{12})\Z'
|
||||
|
||||
RE_SSHFP_FINGERPRINT = r'^[0-9A-Fa-f]{40}\Z'
|
||||
RE_SSHFP_FINGERPRINT = r'^([0-9A-Fa-f]{10,40}|[0-9A-Fa-f]{64})\Z'
|
||||
|
||||
|
||||
draft3_format_checker = jsonschema.draft3_format_checker
|
||||
|
@ -391,6 +391,7 @@ class SchemaFormatTest(TestCase):
|
||||
def test_is_sshfp(self):
|
||||
valid_sshfps = [
|
||||
'72d30d211ce8c464de2811e534de23b9be9b4dc4',
|
||||
'7f3f61e323a7d75de08a2a6069b333e925cae260f4902017194002f226db8658',
|
||||
]
|
||||
|
||||
invalid_sshfps = [
|
||||
|
Loading…
Reference in New Issue
Block a user