Hey,
Here is a patch for adding some validation to the HTTP proxy field on the
general
config page (https://hostname/rhn/admin/config/GeneralConfig.do).
This validator will allow FQDN or FQDN:port only, while a simple hostname will
not
pass. IPv4 addresses will pass, but IPv6 won't. Feel free to propose changes,
this
can be done in many different ways. I just went for an easy approach that reuses
some existing and tested code, but we can also use a regex if you prefer that.
BTW: Does anybody know why all error messages on that particular page keep on
appearing twice? Or it's not the case for you? I might look after this bug as
well..
Thanks,
Johannes
--
SUSE LINUX Products GmbH, HRB 16746 (AG Nürnberg)
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer
From 8ecd2908bb32bbce565503176b6fe937e851a2de Mon Sep 17 00:00:00 2001
From: Johannes Renner jren...@suse.de
Date: Mon, 10 Sep 2012 11:31:13 +0200
Subject: [PATCH] Validate proxy format on general config page
---
.../rhn/common/validator/HostPortValidator.java| 37
.../action/satellite/GeneralConfigAction.java | 14 ++--
.../frontend/strings/java/StringResource_en_US.xml |8
3 files changed, 56 insertions(+), 3 deletions(-)
create mode 100644 java/code/src/com/redhat/rhn/common/validator/HostPortValidator.java
diff --git a/java/code/src/com/redhat/rhn/common/validator/HostPortValidator.java b/java/code/src/com/redhat/rhn/common/validator/HostPortValidator.java
new file mode 100644
index 000..a52449a
--- /dev/null
+++ b/java/code/src/com/redhat/rhn/common/validator/HostPortValidator.java
@@ -0,0 +1,37 @@
+/**
+ * Copyright (c) 2012 Novell
+ *
+ * This software is licensed to you under the GNU General Public License,
+ * version 2 (GPLv2). There is NO WARRANTY for this software, express or
+ * implied, including the implied warranties of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. You should have received a copy of GPLv2
+ * along with this software; if not, see
+ * http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
+ *
+ * Red Hat trademarks are not licensed under GPLv2. No permission is
+ * granted to use or replicate Red Hat trademarks that are incorporated
+ * in this software or its documentation.
+ */
+package com.redhat.rhn.common.validator;
+
+import org.apache.commons.validator.UrlValidator;
+
+/**
+ * Simple host[:port] validation reusing {@link UrlValidator} internals.
+ */
+public class HostPortValidator extends UrlValidator {
+
+// Singleton instance
+private static HostPortValidator instance;
+
+public static HostPortValidator getInstance() {
+if (instance == null) {
+instance = new HostPortValidator();
+}
+return instance;
+}
+
+public boolean isValidHostPort(String hostPort) {
+return isValidAuthority(hostPort);
+}
+}
diff --git a/java/code/src/com/redhat/rhn/frontend/action/satellite/GeneralConfigAction.java b/java/code/src/com/redhat/rhn/frontend/action/satellite/GeneralConfigAction.java
index 53cb5f2..2287b64 100644
--- a/java/code/src/com/redhat/rhn/frontend/action/satellite/GeneralConfigAction.java
+++ b/java/code/src/com/redhat/rhn/frontend/action/satellite/GeneralConfigAction.java
@@ -16,6 +16,7 @@ package com.redhat.rhn.frontend.action.satellite;
import com.redhat.rhn.common.conf.Config;
import com.redhat.rhn.common.conf.ConfigDefaults;
+import com.redhat.rhn.common.validator.HostPortValidator;
import com.redhat.rhn.common.validator.ValidatorError;
import com.redhat.rhn.domain.user.User;
import com.redhat.rhn.frontend.struts.RequestContext;
@@ -213,7 +214,16 @@ public class GeneralConfigAction extends BaseConfigAction {
*/
private ActionErrors validateForm(DynaActionForm form) {
ActionErrors errors = new ActionErrors();
-String email = (String) form.get(translateFormPropertyName(traceback_mail));
+
+// Check if proxy is given as host:port
+String proxy = (String) form.get(
+translateFormPropertyName(server.satellite.http_proxy));
+HostPortValidator validator = HostPortValidator.getInstance();
+if (!(proxy.equals() || validator.isValidHostPort(proxy))) {
+errors.add(ActionMessages.GLOBAL_MESSAGE,
+new ActionMessage(error.proxy_invalid));
+}
+
String password = (String) form.get(
translateFormPropertyName(server.satellite.http_proxy_password));
String confirmationPassword = (String) form.get(
@@ -234,6 +244,4 @@ public class GeneralConfigAction extends BaseConfigAction {
return errors;
}
-
}
-
diff --git a/java/code/src/com/redhat/rhn/frontend/strings/java/StringResource_en_US.xml b/java/code/src/com/redhat/rhn/frontend/strings/java/StringResource_en_US.xml
index 86e3bd7..507e32d 100644
--- a/java/code/src/com/redhat/rhn/frontend/strings/java/StringResource_en_US.xml
+++