[Freeipa-devel] [PATCH 0180] allow multiple dashes in the components of server hostname

2016-07-04 Thread Martin Babinsky 
The PKI bug preventing use of multiple dashes in hostnames [1] was 
already fixed. We may now relax our own syntax constraints.


https://fedorahosted.org/freeipa/ticket/4710

[1] https://fedorahosted.org/pki/ticket/1260

--
Martin^3 Babinsky
From ac5cdb1f31dcf7d4edfe5347d7204bda387b0df7 Mon Sep 17 00:00:00 2001
From: Martin Babinsky 
Date: Mon, 4 Jul 2016 12:43:08 +0200
Subject: [PATCH] allow multiple dashes in the components of server hostname

Relax the check for valid hostname component by allowing multiple consecutive
'-' or '/' characters int he middle of the label (the first/last character
must still be alphanumeric or underscore). Also use verbose regex format to
document its structure.

https://fedorahosted.org/freeipa/ticket/4710
---
 ipalib/util.py | 13 ++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/ipalib/util.py b/ipalib/util.py
index d101514cad4f35fd9a09d84b549ffa86de432f70..0cd5c091ec576e02e477f661bab981d12e01f1eb 100644
--- a/ipalib/util.py
+++ b/ipalib/util.py
@@ -194,9 +194,16 @@ def validate_dns_label(dns_label, allow_underscore=False, allow_slash=False):
 
 middle_chars = middle_chars + '-' #has to be always the last in the regex [-]
 
-label_regex = r'^[%(base)s%(extra)s]([%(base)s%(extra)s%(middle)s]?[%(base)s%(extra)s])*$' \
-% dict(base=base_chars, extra=extra_chars, middle=middle_chars)
-regex = re.compile(label_regex, re.IGNORECASE)
+label_regex = r'''^[%(base)s%(extra)s] # must begin with an alphanumeric
+   # character, or underscore if
+   # allow_underscore is True
+([%(base)s%(extra)s%(middle)s]*# can contain all allowed character
+   # classes in the middle
+[%(base)s%(extra)s])*$ # must end with alphanumeric
+   # character or underscore if
+   # allow_underscore is True
+''' % dict(base=base_chars, extra=extra_chars, middle=middle_chars)
+regex = re.compile(label_regex, re.IGNORECASE | re.VERBOSE)
 
 if not dns_label:
 raise ValueError(_('empty DNS label'))
-- 
2.5.5

-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Re: [Freeipa-devel] [PATCH 0180] allow multiple dashes in the components of server hostname

2016-07-20 Thread Martin Basti 



On 04.07.2016 12:54, Martin Babinsky wrote:
The PKI bug preventing use of multiple dashes in hostnames [1] was 
already fixed. We may now relax our own syntax constraints.


https://fedorahosted.org/freeipa/ticket/4710

[1] https://fedorahosted.org/pki/ticket/1260





ACK
Pushed to master: 15cfd0ee20fd05735473d3677b6f9f349339197e


-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code