diff --git a/octodns/record.py b/octodns/record.py index 1d2b349..23bfd45 100644 --- a/octodns/record.py +++ b/octodns/record.py @@ -482,7 +482,7 @@ class MxRecord(_ValuesMixin, Record): class NaptrValue(object): - LEGAL_FLAGS = ('S', 'A', 'U', 'P') + VALID_FLAGS = ('S', 'A', 'U', 'P') @classmethod def _validate_value(cls, data): @@ -502,8 +502,8 @@ class NaptrValue(object): .format(data['preference'])) try: flags = data['flags'] - if flags not in cls.LEGAL_FLAGS: - reasons.append('invalid flags "{}"'.format(flags)) + if flags not in cls.VALID_FLAGS: + reasons.append('unrecognized flags "{}"'.format(flags)) except KeyError: reasons.append('missing flags') @@ -594,19 +594,25 @@ class PtrRecord(_ValueMixin, Record): class SshfpValue(object): + VALID_ALGORITHMS = (1, 2) + VALID_FINGERPRINT_TYPES = (1,) @classmethod def _validate_value(cls, value): reasons = [] - # TODO: validate algorithm and fingerprint_type values try: - int(value['algorithm']) + algorithm = int(value['algorithm']) + if algorithm not in cls.VALID_ALGORITHMS: + reasons.append('unrecognized algorithm "{}"'.format(algorithm)) except KeyError: reasons.append('missing algorithm') except ValueError: reasons.append('invalid algorithm "{}"'.format(value['algorithm'])) try: - int(value['fingerprint_type']) + fingerprint_type = int(value['fingerprint_type']) + if fingerprint_type not in cls.VALID_FINGERPRINT_TYPES: + reasons.append('unrecognized fingerprint_type "{}"' + .format(fingerprint_type)) except KeyError: reasons.append('missing fingerprint_type') except ValueError: diff --git a/tests/test_octodns_record.py b/tests/test_octodns_record.py index 08d3ad7..1d64081 100644 --- a/tests/test_octodns_record.py +++ b/tests/test_octodns_record.py @@ -1011,7 +1011,7 @@ class TestRecordValidation(TestCase): 'ttl': 600, 'value': v }) - self.assertEquals(['invalid flags "X"'], ctx.exception.reasons) + self.assertEquals(['unrecognized flags "X"'], ctx.exception.reasons) def test_NS(self): # doesn't blow up @@ -1104,6 +1104,20 @@ class TestRecordValidation(TestCase): }) self.assertEquals(['invalid algorithm "nope"'], ctx.exception.reasons) + # unrecognized algorithm + with self.assertRaises(ValidationError) as ctx: + Record.new(self.zone, '', { + 'type': 'SSHFP', + 'ttl': 600, + 'value': { + 'algorithm': 42, + 'fingerprint_type': 1, + 'fingerprint': 'bf6b6825d2977c511a475bbefb88aad54a92ac73' + } + }) + self.assertEquals(['unrecognized algorithm "42"'], + ctx.exception.reasons) + # missing fingerprint_type with self.assertRaises(ValidationError) as ctx: Record.new(self.zone, '', { @@ -1130,6 +1144,20 @@ class TestRecordValidation(TestCase): self.assertEquals(['invalid fingerprint_type "yeeah"'], ctx.exception.reasons) + # unrecognized fingerprint_type + with self.assertRaises(ValidationError) as ctx: + Record.new(self.zone, '', { + 'type': 'SSHFP', + 'ttl': 600, + 'value': { + 'algorithm': 1, + 'fingerprint_type': 42, + 'fingerprint': 'bf6b6825d2977c511a475bbefb88aad54a92ac73' + } + }) + self.assertEquals(['unrecognized fingerprint_type "42"'], + ctx.exception.reasons) + # missing fingerprint with self.assertRaises(ValidationError) as ctx: Record.new(self.zone, '', {