From patchwork Sat Jan  2 12:54:45 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Adolf Belka <ahb.ipfire@gmail.com>
X-Patchwork-Id: 3779
Return-Path: <development-bounces@lists.ipfire.org>
Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK))
	by web04.haj.ipfire.org (Postfix) with ESMTPS id 4D7MLJ6vPxz3wg4
	for <patchwork@web04.haj.ipfire.org>; Sat,  2 Jan 2021 12:55:04 +0000 (UTC)
Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384
	 client-signature ECDSA (P-384) client-digest SHA384)
	(Client CN "mail02.haj.ipfire.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
	by mail01.ipfire.org (Postfix) with ESMTPS id 4D7MLH74B8zqx;
	Sat,  2 Jan 2021 12:55:03 +0000 (UTC)
Received: from mail02.haj.ipfire.org (localhost [127.0.0.1])
	by mail02.haj.ipfire.org (Postfix) with ESMTP id 4D7MLH5Qzxz2xm2;
	Sat,  2 Jan 2021 12:55:03 +0000 (UTC)
Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK))
 by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4D7MLG2f6Tz2xGT
 for <development@lists.ipfire.org>; Sat,  2 Jan 2021 12:55:02 +0000 (UTC)
Received: from smtpq3.tb.mail.iss.as9143.net (smtpq3.tb.mail.iss.as9143.net
 [212.54.42.166])
 (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mail01.ipfire.org (Postfix) with ESMTPS id 4D7MLC1dBKzqx
 for <development@lists.ipfire.org>; Sat,  2 Jan 2021 12:54:59 +0000 (UTC)
Received: from [212.54.42.110] (helo=smtp7.tb.mail.iss.as9143.net)
 by smtpq3.tb.mail.iss.as9143.net with esmtps
 (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1)
 (envelope-from <ahb.ipfire@gmail.com>)
 id 1kvgQr-0005Cd-Ol; Sat, 02 Jan 2021 13:54:57 +0100
Received: from j103033.upc-j.chello.nl ([24.132.103.33]
 helo=rhea.saturn.pimb.org)
 by smtp7.tb.mail.iss.as9143.net with esmtpsa (TLS1.2) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94)
 (envelope-from <ahb.ipfire@gmail.com>)
 id 1kvgQr-006The-E8; Sat, 02 Jan 2021 13:54:57 +0100
Received: from hyperion.saturn.pimb.org (hyperion.saturn.pimb.org
 [192.168.26.32])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (No client certificate requested)
 by rhea.saturn.pimb.org (Postfix) with ESMTPSA id A2D8A3EF6;
 Sat,  2 Jan 2021 13:54:56 +0100 (CET)
From: Adolf Belka <ahb.ipfire@gmail.com>
To: development@lists.ipfire.org
Subject: [PATCH v2] general-functions.pl: Update to fix bug #12428
Date: Sat,  2 Jan 2021 13:54:45 +0100
Message-Id: <20210102125445.3389-1-ahb.ipfire@gmail.com>
X-Mailer: git-send-email 2.30.0
MIME-Version: 1.0
X-SourceIP: 24.132.103.33
X-Authenticated-Sender: adolf.belka@ziggo.nl (via SMTP)
X-Ziggo-spambar: /
X-Ziggo-spamscore: 0.0
X-Ziggo-spamreport: CMAE Analysis: v=2.4 cv=Ff+JeLy6 c=1 sm=1 tr=0 ts=5ff06d21
 a=N0UC3/faf55XGTeY5t7zSQ==:17 a=9+rZDBEiDlHhcck0kWbJtElFXBc=:19
 a=EmqxpYm9HcoA:10 a=x7bEGLp0ZPQA:10 a=6yxbeI8x3IIA:10 a=pGLkceISAAAA:8
 a=KZpT2gwuaQa4XnB1qh0A:9 a=FMWlydA5S1Uspk2y:21 a=QWNe0LbyZtXziFLI:21
X-Ziggo-Spam-Status: No
X-Spam-Status: No
X-Spam-Flag: No
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed;
 d=lists.ipfire.org;
 s=202003rsa; t=1609592099;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding;
 bh=8JkMKkXmUIGf6/p4suQu2PhhKjeQhM3vJliS2034Kmc=;
 b=HXss4ImtXcKgZ+5cB/31eHqsBFXdz1q0GkYehe63812FL0u//tZ8m1Y4G6u0u6v3VO8jh7
 DLytuAWhAiZOL+du4izSgz+NaYgRNqIs/s9hG5r/cxzTDweaCakheSFupDUNZF//PvEMSv
 RLD2/3ZmS9Z1z+Rn9uuTJFBvKCf/qveVxgCznPXI/WhxKsiAM0rES818yAS0xB2qejGXpd
 oYxMwyV9QbF4lixv52bBL3btP9rxF89ce33+EXMkpmfj/HdW2rZbJfz4mms/WWmVuOfi8X
 Z+e7I5aDQ7NKn38ewc9UhqnshyNkUP4jqgC4NFkW7StlvgdZlo7v3eUqkPV7xA==
ARC-Authentication-Results: i=1; mail01.ipfire.org; dkim=none;
 spf=softfail (mail01.ipfire.org: 212.54.42.166 is neither permitted nor
 denied
 by domain of ahbipfire@gmail.com) smtp.mailfrom=ahbipfire@gmail.com
ARC-Seal: i=1; s=202003rsa; d=lists.ipfire.org; t=1609592099; a=rsa-sha256;
 cv=none;
 b=mF9VoY13/OfIOqHdCX8j7a4FHPIp0XQKPb2//nSqSczdGch7Ddn5rgB0PXcXodLjjf75TG
 rp6Vuc17VYzHEWVVKpOkHksZvERyWpUgXZZgpNydsbxKnzJ0a4WxnkzxUszozuhGsKLyiV
 sXkVhSKUkViBTDq4B9X7Nf8DjDOP+KuTSvnRRVtHMwJAkbhSZ+/g6TsBr16E5yNfZhbTJz
 ru3XtimdEs1yF6vpi4fHkMrXPLu/XkHsZViSiLvDKRvuN2PDPMwYKMyW2VPeaJoJyhjUGF
 2sSphtktu/odKYmzeWK+sE5lr0F60CyzcAa5zCvfp+X78NaYpKQVfIOmAoVbGQ==
Authentication-Results: mail01.ipfire.org; dkim=none;
 spf=softfail (mail01.ipfire.org: 212.54.42.166 is neither permitted nor
 denied
 by domain of ahbipfire@gmail.com) smtp.mailfrom=ahbipfire@gmail.com;
 dmarc=fail reason="No valid SPF,
 No valid DKIM" header.from=gmail.com (policy=none)
X-Rspamd-Server: mail01.haj.ipfire.org
X-Spamd-Result: default: False [-0.77 / 11.00]; RCVD_VIA_SMTP_AUTH(0.00)[];
 TO_DN_SOME(0.00)[]; FREEMAIL_FROM(0.00)[gmail.com];
 R_MISSING_CHARSET(2.50)[];
 RWL_MAILSPIKE_GOOD(0.00)[212.54.42.166:from];
 IP_REPUTATION_HAM(-1.67)[asn: 33915(-0.24), country: NL(-0.00), ip:
 212.54.42.166(-0.59)]; BROKEN_CONTENT_TYPE(1.50)[];
 R_SPF_SOFTFAIL(0.00)[~all];
 ARC_SIGNED(0.00)[lists.ipfire.org:s=202003rsa:i=1];
 RCVD_COUNT_THREE(0.00)[4]; RCPT_COUNT_TWO(0.00)[2];
 FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+];
 FREEMAIL_ENVFROM(0.00)[gmail.com];
 ASN(0.00)[asn:33915, ipnet:212.54.32.0/20, country:NL];
 R_DKIM_NA(0.00)[]; HAS_X_AS(0.00)[];
 RCVD_IN_DNSWL_LOW(-0.10)[212.54.42.166:from];
 TAGGED_FROM(0.00)[]; ARC_NA(0.00)[];
 MID_RHS_MATCH_FROM(0.00)[]; FROM_HAS_DN(0.00)[];
 BAYES_HAM(-3.00)[99.99%]; TAGGED_RCPT(0.00)[];
 MIME_GOOD(-0.10)[text/plain];
 RECEIVED_SPAMHAUS_PBL(0.00)[24.132.103.33:received];
 TO_MATCH_ENVRCPT_SOME(0.00)[]; FREEMAIL_CC(0.00)[gmail.com];
 RCVD_TLS_ALL(0.00)[];
 DMARC_POLICY_SOFTFAIL(0.10)[gmail.com : No valid SPF, No valid DKIM,none]
X-Rspamd-Queue-Id: 4D7MLC1dBKzqx
X-BeenThere: development@lists.ipfire.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IPFire development talk <development.lists.ipfire.org>
List-Unsubscribe: <https://lists.ipfire.org/mailman/options/development>,
 <mailto:development-request@lists.ipfire.org?subject=unsubscribe>
List-Archive: <http://lists.ipfire.org/pipermail/development/>
List-Post: <mailto:development@lists.ipfire.org>
List-Help: <mailto:development-request@lists.ipfire.org?subject=help>
List-Subscribe: <https://lists.ipfire.org/mailman/listinfo/development>,
 <mailto:development-request@lists.ipfire.org?subject=subscribe>
Errors-To: development-bounces@lists.ipfire.org
Sender: "Development" <development-bounces@lists.ipfire.org>

- Patch of general-functions.pl for implementation of fix provided
	by Bernhard Bitsch in bug #12428.
	Had to be modified as that fix gave a failure for single character hostnames.
	Updated version prevents spaces being put into hostnames and works for single
	character hostnames
- Updated subroutine validfqdn to apply consistent rules for hostname & domain name
	portions of fqdn
- Minor updates for consistency across validhostname, validdomainname & validfqdn
- Patch implemented into testbed system and confirmed working for hostnames, domain names
	and FQDN's.

Signed-off-by: Adolf Belka <ahb.ipfire@gmail.com>
---
 config/cfgroot/general-functions.pl | 51 ++++++++++++++++-------------
 1 file changed, 29 insertions(+), 22 deletions(-)

diff --git a/config/cfgroot/general-functions.pl b/config/cfgroot/general-functions.pl
index 9be1e7708..a6656ccf5 100644
--- a/config/cfgroot/general-functions.pl
+++ b/config/cfgroot/general-functions.pl
@@ -635,12 +635,12 @@ sub validhostname
 	# Checks a hostname against RFC1035
         my $hostname = $_[0];
 
-	# Each part should be at least two characters in length
+	# Hostname should be at least one character in length
 	# but no more than 63 characters
 	if (length ($hostname) < 1 || length ($hostname) > 63) {
 		return 0;}
 	# Only valid characters are a-z, A-Z, 0-9 and -
-	if ($hostname !~ /^[a-zA-Z0-9-\s]*$/) {
+	if ($hostname !~ /^[a-zA-Z0-9-]*$/) {
 		return 0;}
 	# First character can only be a letter or a digit
 	if (substr ($hostname, 0, 1) !~ /^[a-zA-Z0-9]*$/) {
@@ -655,46 +655,53 @@ sub validdomainname
 {
 	my $part;
 
-	# Checks a domain name against RFC1035
+	# Checks a domain name against RFC1035 and RFC2181
         my $domainname = $_[0];
-	my @parts = split (/\./, $domainname);	# Split hostname at the '.'
+	my @parts = split (/\./, $domainname);	# Split domain name at the '.'
 
 	foreach $part (@parts) {
-		# Each part should be no more than 63 characters in length
+		# Each part should be at least one character in length
+		# but no more than 63 characters
 		if (length ($part) < 1 || length ($part) > 63) {
 			return 0;}
 		# Only valid characters are a-z, A-Z, 0-9, _ and -
 		if ($part !~ /^[a-zA-Z0-9_-]*$/) {
-			return 0;
-		}
+			return 0;}
 	}
 	return 1;
 }
 
 sub validfqdn
 {
-	my $part;
-
-	# Checks a fully qualified domain name against RFC1035
+	# Checks a fully qualified domain name against RFC1035 and RFC2181
         my $fqdn = $_[0];
-	my @parts = split (/\./, $fqdn);	# Split hostname at the '.'
+	my @parts = split (/\./, $fqdn);	# Split FQDN at the '.'
 	if (scalar(@parts) < 2) {		# At least two parts should
 		return 0;}			# exist in a FQDN
 						# (i.e.hostname.domain)
-	foreach $part (@parts) {
+
+	for (my $index=0; $index < scalar(@parts); $index++) {
 		# Each part should be at least one character in length
 		# but no more than 63 characters
-		if (length ($part) < 1 || length ($part) > 63) {
-			return 0;}
-		# Only valid characters are a-z, A-Z, 0-9 and -
-		if ($part !~ /^[a-zA-Z0-9-]*$/) {
-			return 0;}
-		# First character can only be a letter or a digit
-		if (substr ($part, 0, 1) !~ /^[a-zA-Z0-9]*$/) {
-			return 0;}
-		# Last character can only be a letter or a digit
-		if (substr ($part, -1, 1) !~ /^[a-zA-Z0-9]*$/) {
+		if (length ($parts[$index]) < 1 || length ($parts[$index]) > 63) {
 			return 0;}
+		if ($index eq 0) {		
+			# This is the hostname part
+			# Only valid characters are a-z, A-Z, 0-9 and -
+			if ($parts[$index] !~ /^[a-zA-Z0-9-]*$/) {
+				return 0;}
+			# First character can only be a letter or a digit
+			if (substr ($parts[$index], 0, 1) !~ /^[a-zA-Z0-9]*$/) {
+				return 0;}
+			# Last character can only be a letter or a digit
+			if (substr ($parts[$index], -1, 1) !~ /^[a-zA-Z0-9]*$/) {
+				return 0;}
+		} else{				
+			# This is the domain part
+			# Only valid characters are a-z, A-Z, 0-9, _ and -
+			if ($parts[$index] !~ /^[a-zA-Z0-9_-]*$/) {
+				return 0;}
+		}
 	}
 	return 1;
 }