DRIVERS-3329: Configurable DNS domain validation for SRV records#1950
DRIVERS-3329: Configurable DNS domain validation for SRV records#1950sleepyStick wants to merge 8 commits into
Conversation
rozza
left a comment
rozza
left a comment
There was a problem hiding this comment.
It looks good, I have one comment about if an invalid srvAllowedHostsSuffix should throw an error explicitly? (if so should we update the yml?)
Also the yml and json has diverged for srvAllowedHostsSuffix-without_dot_pass - which is probably the lint error.
| example, `srvAllowedHostsSuffix=.mydomain.net`. If the value does not begin with a `.`, for example, | ||
| `srvAllowedHostsSuffix=mydomain.net`, the `.` MUST be automatically prepended prior to validation. If this option is not | ||
| present, the domain MUST be inferred from the hostname. This option MUST only be configurable at the level of a | ||
| `MongoClient`. |
There was a problem hiding this comment.
Just to clarify, if a host is invalid eg: ..example.com should this error or just return an empty list of hosts?
There was a problem hiding this comment.
oh good question, my current implementation has it eventually erroring (with a configuration error) when the driver goes to validate the SRV hosts -- i didn't add a new "check valid host" type of function. (though this probably wouldn't be too hard with some regex? if you think it'd be beneficial to add something like this.) My initial thought process was this new parameter is just a user configurable way to denote what the domain should be (as opposed to the previous, now default, logic) -- they should know what they're doing if they're using this param and if they happened to make a typo / silly mistake, the existing "invalid SRV host" error message that occurs when there is an invalid host given the previous logic would still apply.
There was a problem hiding this comment.
I think the eventually error part will cover this, so no need for a regex. I can never understand regexes and someone always seems to find a usecase where the regex fails where it shouldn't!
| @@ -0,0 +1,4 @@ | |||
| "uri": "mongodb+srv://test12.test.build.10gen.cc/?srvAllowedHostsSuffix=uild.10gen.cc" | |||
There was a problem hiding this comment.
A comment about why this URI causes an error would be helpful. Similar to the comment on "srvAllowedHostsSuffix-mismatch.yml".
There was a problem hiding this comment.
Good call -- added!
|
|
||
| #### srvAllowedHostsSuffix | ||
|
|
||
| This option is used to validate hosts. If present, its value MUST be treated as the domain for DNS validation. For |
There was a problem hiding this comment.
Optional: Consider linking to the Querying DNS section, which is where the DNS validation is described.
|
Assigned |
…covery.md Co-authored-by: Matt Dale <9760375+matthewdale@users.noreply.github.com>
…covery.md Co-authored-by: Matt Dale <9760375+matthewdale@users.noreply.github.com>
3 participants
Please complete the following before merging:
Python PR: PYTHON-5814 Configurable DNS domain validation for SRV records mongo-python-driver#2868
clusters).