From 8fd324ff5a37fc5bbe5a844278dfeafc6860c64e Mon Sep 17 00:00:00 2001 From: zszabo-rh Date: Tue, 4 Feb 2025 07:45:31 +0100 Subject: [PATCH] MGMT-19773: block forbidden hostname --- internal/host/hostutil/host_utils.go | 4 ++-- internal/host/hostutil/host_utils_test.go | 16 ++++++++++++---- 2 files changed, 14 insertions(+), 6 deletions(-) diff --git a/internal/host/hostutil/host_utils.go b/internal/host/hostutil/host_utils.go index df46d7b7fc..ea444bf3ee 100644 --- a/internal/host/hostutil/host_utils.go +++ b/internal/host/hostutil/host_utils.go @@ -26,7 +26,7 @@ import ( ) const ( - MaxHostnameLength = 63 + MaxHostnameLength = 253 HostnamePattern = "^[a-z0-9][a-z0-9-]{0,62}(?:[.][a-z0-9-]{1,63})*$" ) @@ -77,7 +77,7 @@ func GetEventSeverityFromHostStatus(status string) string { func ValidateHostname(hostname string) error { if len(hostname) > MaxHostnameLength { - return common.NewApiError(http.StatusBadRequest, errors.Errorf("hostname is too long, must be 63 characters or less. Hostname: %s has %d characters", hostname, len(hostname))) + return common.NewApiError(http.StatusBadRequest, errors.Errorf("hostname is too long, must be 253 characters or less. Hostname: %s has %d characters", hostname, len(hostname))) } b, err := regexp.MatchString(HostnamePattern, hostname) if err != nil { diff --git a/internal/host/hostutil/host_utils_test.go b/internal/host/hostutil/host_utils_test.go index d4277f3376..e8f28d66c4 100644 --- a/internal/host/hostutil/host_utils_test.go +++ b/internal/host/hostutil/host_utils_test.go @@ -1,6 +1,7 @@ package hostutil import ( + "strings" "testing" "github.com/go-openapi/strfmt" @@ -88,22 +89,29 @@ var _ = Describe("Validation", func() { } }) + section := strings.Repeat("a", 63) + "." + endsection := strings.Repeat("a", 61) It("Should allow permitted hostnames", func() { for _, hostName := range []string{ "foobar", "foobar.local", "arbitrary.hostname", + strings.Repeat(section, 3) + endsection, // 253 chars } { err := ValidateHostname(hostName) Expect(err).NotTo(HaveOccurred()) } }) - It("Should not allow hostnames longer than 63 characters", func() { + It("Should not allow hostnames violating naming rules", func() { for _, hostName := range []string{ - "foobar.local.arbitrary.hostname.longer.than.64-characters.inthis.name", - "foobar1234-foobar1234-foobar1234-foobar1234-foobar1234-foobar1234-foobar1234", - "this-host.name-iss.exactly-64.characters.long.so.itt-should.fail", + strings.Repeat(section, 3) + endsection + "a", // more than 253 chars + "toolong-2nd-section." + "a" + section + "com", // has section longer than 63 chars + "-invalid-start.com", // starts with hyphen + "invalid-end.com.", // ends with dot + "two..dots.com", // double dots + "UPPERCASE.com", // uppercase letters + "invalid$.com", // special character `$` } { err := ValidateHostname(hostName) Expect(err).To(HaveOccurred())