Improve hostname verification in install tools

Our install tools like ipa-server-install, ipa-replica-{prepare, install} may allow hostnames that do not match the requirements in ipalib. This creates a disconnect and may cause issues when user cannot delete hostnames created by install tools. This patch makes sure that ipalib requirements are applied to install tools hostnames as well. https://fedorahosted.org/freeipa/ticket/2089
2025-01-15 19:01:55 -06:00 · 2012-03-01 11:01:45 +01:00 · 2012-03-01 11:01:45 +01:00 · 61af2c9b1e
commit 61af2c9b1e
parent 5e01ed1325
1 changed files with 7 additions and 0 deletions
--- a/ipaserver/install/installutils.py
+++ b/ipaserver/install/installutils.py
@ -34,6 +34,7 @@ from ConfigParser import SafeConfigParser

 from ipapython import ipautil, dnsclient, sysrestore
 from ipapython.ipa_log_manager import *
+from ipalib.util import validate_hostname

 # Used to determine install status
 IPA_MODULES = ['httpd', 'kadmin', 'dirsrv', 'pki-cad', 'pkids', 'install', 'krb5kdc', 'ntpd', 'named', 'ipa_memcached']
@ -159,6 +160,12 @@ def verify_fqdn(host_name, no_host_dns=False, local_hostname=True):
    if ipautil.valid_ip(host_name):
        raise BadHostError("IP address not allowed as a hostname")

+    try:
+        # make sure that the host name meets the requirements in ipalib
+        validate_hostname(host_name)
+    except ValueError, e:
+        raise BadHostError("Invalid hostname '%s', %s" % (host_name, unicode(e)))
+
    if local_hostname:
        try:
            ex_name = socket.gethostbyaddr(host_name)