Re: [Freeipa-devel] [PATCH 0401] ipa-adtrust-install: Allow dash in the NETBIOS name

Tomas Babej Mon, 29 Feb 2016 06:00:33 -0800


On 02/29/2016 02:04 PM, Martin Babinsky wrote:
> On 02/25/2016 02:13 PM, Tomas Babej wrote:
>> Hi,
>>
>> Dash should be one of the allowed characters in the netbios names,
>> so relax the too strict validation.
>>
>> Note: the set of allowed characters might expand in the future
>>
>> https://fedorahosted.org/freeipa/ticket/5286
>>
>> Tomas
>>
>>
>>
> 
> NACK, since this patch breaks the interactive installation of adtrust,
> see the following log: http://fpaste.org/331088/56750906/
> 
> Keep in mind that the argument of any is first instantiated and then
> each element is tested. Since during interactive installation there is a
> possibility in the current code that check_netbios_name receives None as
> argument. You will have to correct this somehow.
>


Good catch. My original patch indeed breaks the interactive installation
on a clean machine where no netbios name has been specified explicitly.

Fixed, attaching patches for both branches.

Tomas

From 5620f30ec94bf58f5cf1c36d5e480c65acadbf97 Mon Sep 17 00:00:00 2001
From: Tomas Babej <tba...@redhat.com>
Date: Thu, 25 Feb 2016 14:09:48 +0100
Subject: [PATCH] ipa-adtrust-install: Allow dash in the NETBIOS name

---
 install/tools/ipa-adtrust-install    |  6 ++++--
 ipaserver/install/adtrustinstance.py | 18 ++++++++++++------
 2 files changed, 16 insertions(+), 8 deletions(-)

diff --git a/install/tools/ipa-adtrust-install b/install/tools/ipa-adtrust-install
index 8b3fce2db8535ac2124a347c6ca2f63f7c6e3e42..f972835ec89c18d0453e659142d4434aaa571dd5 100755
--- a/install/tools/ipa-adtrust-install
+++ b/install/tools/ipa-adtrust-install
@@ -88,13 +88,15 @@ def parse_options():
 
 def netbios_name_error(name):
     print("\nIllegal NetBIOS name [%s].\n" % name)
-    print("Up to 15 characters and only uppercase ASCII letter and digits are allowed.")
+    print("Up to 15 characters and only uppercase ASCII letters, digits "
+          "and dashes are allowed.")
 
 def read_netbios_name(netbios_default):
     netbios_name = ""
 
     print("Enter the NetBIOS name for the IPA domain.")
-    print("Only up to 15 uppercase ASCII letters and digits are allowed.")
+    print("Only up to 15 uppercase ASCII letters, digits "
+          "and dashes are allowed.")
     print("Example: EXAMPLE.")
     print("")
     print("")
diff --git a/ipaserver/install/adtrustinstance.py b/ipaserver/install/adtrustinstance.py
index 9e7e001f7c505d09d5a61164399e9ed256ae9865..8a6e31e5cdecb27d67c0a047151aaa9b503b1405 100644
--- a/ipaserver/install/adtrustinstance.py
+++ b/ipaserver/install/adtrustinstance.py
@@ -51,7 +51,7 @@ from ipaplatform.tasks import tasks
 if six.PY3:
     unicode = str
 
-ALLOWED_NETBIOS_CHARS = string.ascii_uppercase + string.digits
+ALLOWED_NETBIOS_CHARS = string.ascii_uppercase + string.digits + '-'
 
 UPGRADE_ERROR = """
 Entry %(dn)s does not exist.
@@ -90,13 +90,19 @@ def ipa_smb_conf_exists():
     return False
 
 
-def check_netbios_name(s):
-    # NetBIOS names may not be longer than 15 allowed characters
-    if not s or len(s) > 15 or \
-       ''.join([c for c in s if c not in ALLOWED_NETBIOS_CHARS]):
+def check_netbios_name(name):
+    # Empty NetBIOS name is not allowed
+    if name is None:
         return False
 
-    return True
+    # NetBIOS names may not be longer than 15 allowed characters
+    invalid_netbios_name = any([
+        len(name) > 15,
+        ''.join([c for c in name if c not in ALLOWED_NETBIOS_CHARS])
+    ])
+
+    return not invalid_netbios_name
+
 
 def make_netbios_name(s):
     return ''.join([c for c in s.split('.')[0].upper() \
-- 
2.5.0

From a377b98d222bf82fcad8e7b8f2993e01be4f9f58 Mon Sep 17 00:00:00 2001
From: Tomas Babej <tba...@redhat.com>
Date: Thu, 25 Feb 2016 14:02:08 +0100
Subject: [PATCH] ipa-adtrust-install: Allow dash in the NETBIOS name

Dash should be one of the allowed characters in the netbios names,
so relax the too strict validation.

Note: the set of allowed characters might expand in the future

https://fedorahosted.org/freeipa/ticket/5286
---
 install/tools/ipa-adtrust-install    | 19 ++++++++++++-------
 ipaserver/install/adtrustinstance.py | 18 ++++++++++++------
 2 files changed, 24 insertions(+), 13 deletions(-)

diff --git a/install/tools/ipa-adtrust-install b/install/tools/ipa-adtrust-install
index d2cec17891976e911d42869d5c871bf4f2805db7..ada11e076f7dec6f47afc02dc178a5306fb53daf 100755
--- a/install/tools/ipa-adtrust-install
+++ b/install/tools/ipa-adtrust-install
@@ -74,17 +74,22 @@ def parse_options():
     return safe_options, options
 
 def netbios_name_error(name):
-    print "\nIllegal NetBIOS name [%s].\n" % name
-    print "Up to 15 characters and only uppercase ASCII letter and digits are allowed."
+    print(
+        "\nIllegal NetBIOS name [{}].\n\n"
+        "Up to 15 characters and only uppercase ASCII letters, "
+        "digits and dashes are allowed.".format(name)
+    )
 
 def read_netbios_name(netbios_default):
     netbios_name = ""
 
-    print "Enter the NetBIOS name for the IPA domain."
-    print "Only up to 15 uppercase ASCII letters and digits are allowed."
-    print "Example: EXAMPLE."
-    print ""
-    print ""
+    print(
+        "Enter the NetBIOS name for the IPA domain.\n"
+        "Only up to 15 uppercase ASCII letters, digits and "
+        "dashes are allowed.\n"
+        "Example: EXAMPLE\n\n"
+    )
+
     if not netbios_default:
         netbios_default = "EXAMPLE"
     while True:
diff --git a/ipaserver/install/adtrustinstance.py b/ipaserver/install/adtrustinstance.py
index a890f141b5ea5d79511cbd7eb3d24c73cf04f3b5..89e967e329f5ac60539daf04bf4eb5ace4c57b27 100644
--- a/ipaserver/install/adtrustinstance.py
+++ b/ipaserver/install/adtrustinstance.py
@@ -44,7 +44,7 @@ from ipaplatform.paths import paths
 from ipaplatform.tasks import tasks
 
 
-ALLOWED_NETBIOS_CHARS = string.ascii_uppercase + string.digits
+ALLOWED_NETBIOS_CHARS = string.ascii_uppercase + string.digits + '-'
 
 UPGRADE_ERROR = """
 Entry %(dn)s does not exist.
@@ -83,13 +83,19 @@ def ipa_smb_conf_exists():
     return False
 
 
-def check_netbios_name(s):
-    # NetBIOS names may not be longer than 15 allowed characters
-    if not s or len(s) > 15 or \
-       ''.join([c for c in s if c not in ALLOWED_NETBIOS_CHARS]):
+def check_netbios_name(name):
+    # Empty NetBIOS name is not allowed
+    if name is None:
         return False
 
-    return True
+    # NetBIOS names may not be longer than 15 allowed characters
+    invalid_netbios_name = any([
+        len(name) > 15,
+        ''.join([c for c in name if c not in ALLOWED_NETBIOS_CHARS])
+    ])
+
+    return not invalid_netbios_name
+
 
 def make_netbios_name(s):
     return ''.join([c for c in s.split('.')[0].upper() \
-- 
2.5.0

-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Re: [Freeipa-devel] [PATCH 0401] ipa-adtrust-install: Allow dash in the NETBIOS name

Reply via email to