From ba6dc9858e6e572d46f5b9d0d7778210b53c0410 Mon Sep 17 00:00:00 2001 From: Ross McFarland Date: Mon, 28 Aug 2017 13:40:25 -0700 Subject: [PATCH] Get out of the business of validating CAA records Seem to be pretty inconsistently implemented/validated across providers so just shrug and move on. --- octodns/record.py | 2 +- tests/test_octodns_record.py | 15 +++++++++++++-- 2 files changed, 14 insertions(+), 3 deletions(-) diff --git a/octodns/record.py b/octodns/record.py index aa41606..8ef80be 100644 --- a/octodns/record.py +++ b/octodns/record.py @@ -393,7 +393,7 @@ class CaaValue(object): reasons = [] try: flags = int(value.get('flags', 0)) - if flags not in (0, 128): + if flags < 0 or flags > 255: reasons.append('invalid flags "{}"'.format(flags)) except ValueError: reasons.append('invalid flags "{}"'.format(value['flags'])) diff --git a/tests/test_octodns_record.py b/tests/test_octodns_record.py index 215abe1..51676a3 100644 --- a/tests/test_octodns_record.py +++ b/tests/test_octodns_record.py @@ -939,12 +939,23 @@ class TestRecordValidation(TestCase): 'type': 'CAA', 'ttl': 600, 'value': { - 'flags': 42, + 'flags': -42, 'tag': 'iodef', 'value': 'http://foo.bar.com/', } }) - self.assertEquals(['invalid flags "42"'], ctx.exception.reasons) + self.assertEquals(['invalid flags "-42"'], ctx.exception.reasons) + with self.assertRaises(ValidationError) as ctx: + Record.new(self.zone, '', { + 'type': 'CAA', + 'ttl': 600, + 'value': { + 'flags': 442, + 'tag': 'iodef', + 'value': 'http://foo.bar.com/', + } + }) + self.assertEquals(['invalid flags "442"'], ctx.exception.reasons) with self.assertRaises(ValidationError) as ctx: Record.new(self.zone, '', { 'type': 'CAA',