[Freeipa-devel] [PATCH 0180] allow multiple dashes in the components of server hostname

Mon, 04 Jul 2016 03:56:36 -0700

The PKI bug preventing use of multiple dashes in hostnames [1] was already fixed. We may now relax our own syntax constraints. 

https://fedorahosted.org/freeipa/ticket/4710

[1] https://fedorahosted.org/pki/ticket/1260

--
Martin^3 Babinsky

From ac5cdb1f31dcf7d4edfe5347d7204bda387b0df7 Mon Sep 17 00:00:00 2001
From: Martin Babinsky <mbabi...@redhat.com>
Date: Mon, 4 Jul 2016 12:43:08 +0200
Subject: [PATCH] allow multiple dashes in the components of server hostname

Relax the check for valid hostname component by allowing multiple consecutive
'-' or '/' characters int he middle of the label (the first/last character
must still be alphanumeric or underscore). Also use verbose regex format to
document its structure.

https://fedorahosted.org/freeipa/ticket/4710
---
 ipalib/util.py | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/ipalib/util.py b/ipalib/util.py
index d101514cad4f35fd9a09d84b549ffa86de432f70..0cd5c091ec576e02e477f661bab981d12e01f1eb 100644
--- a/ipalib/util.py
+++ b/ipalib/util.py
@@ -194,9 +194,16 @@ def validate_dns_label(dns_label, allow_underscore=False, allow_slash=False):
 
     middle_chars = middle_chars + '-' #has to be always the last in the regex [....-]
 
-    label_regex = r'^[%(base)s%(extra)s]([%(base)s%(extra)s%(middle)s]?[%(base)s%(extra)s])*$' \
-        % dict(base=base_chars, extra=extra_chars, middle=middle_chars)
-    regex = re.compile(label_regex, re.IGNORECASE)
+    label_regex = r'''^[%(base)s%(extra)s] # must begin with an alphanumeric
+                                           # character, or underscore if
+                                           # allow_underscore is True
+        ([%(base)s%(extra)s%(middle)s]*    # can contain all allowed character
+                                           # classes in the middle
+        [%(base)s%(extra)s])*$             # must end with alphanumeric
+                                           # character or underscore if
+                                           # allow_underscore is True
+        ''' % dict(base=base_chars, extra=extra_chars, middle=middle_chars)
+    regex = re.compile(label_regex, re.IGNORECASE | re.VERBOSE)
 
     if not dns_label:
         raise ValueError(_('empty DNS label'))
-- 
2.5.5


-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to