diff options
| author | Stefan Agner <falstaff@deheime.ch> | 2017-11-16 10:05:44 +0100 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2017-11-16 10:05:44 +0100 |
| commit | 9740eae694e93b06658ff3b3045b22b591561e7c (patch) | |
| tree | 4ff8e90d39b35eeac9584e960dd6c9b422d54e32 /src/libsystemd-network | |
| parent | man: document that noauto doesn't affect automount units configured through /... (diff) | |
| download | systemd-9740eae694e93b06658ff3b3045b22b591561e7c.tar.xz systemd-9740eae694e93b06658ff3b3045b22b591561e7c.zip | |
sd-dhcp-client: validate hostnames stricter (#7308)
Technically DNS allows any ASCII character to be used in the
domain name. Also the DHCP specification for the FQDN option
(RFC 4702) does not put restriction on labels.
However, hostnames do have stricter requirements and typically
should only use characters from a-z (case insensitve), 0-9 and
minus.
Currently we require hostname/FQDN to be either a hostname or
a valid DNS name. Since dns_name_is_valid() allows any ASCII
characters this allows to specify hostnames which are typically
not valid.
Check hostname/FQDN more strictly and require them to pass both
tests. Specifically this requires the entire FQDN to be below 63.
Diffstat (limited to 'src/libsystemd-network')
| -rw-r--r-- | src/libsystemd-network/sd-dhcp-client.c | 4 | ||||
| -rw-r--r-- | src/libsystemd-network/test-dhcp-client.c | 6 |
2 files changed, 8 insertions, 2 deletions
diff --git a/src/libsystemd-network/sd-dhcp-client.c b/src/libsystemd-network/sd-dhcp-client.c index 29b22eed45..d30755115e 100644 --- a/src/libsystemd-network/sd-dhcp-client.c +++ b/src/libsystemd-network/sd-dhcp-client.c @@ -415,9 +415,9 @@ int sd_dhcp_client_set_hostname( assert_return(client, -EINVAL); - /* Refuse hostnames that neither qualify as DNS nor as Linux hosntames */ + /* Make sure hostnames qualify as DNS and as Linux hostnames */ if (hostname && - !(hostname_is_valid(hostname, false) || dns_name_is_valid(hostname) > 0)) + !(hostname_is_valid(hostname, false) && dns_name_is_valid(hostname) > 0)) return -EINVAL; return free_and_strdup(&client->hostname, hostname); diff --git a/src/libsystemd-network/test-dhcp-client.c b/src/libsystemd-network/test-dhcp-client.c index e4ef479a54..e71f2a4d1d 100644 --- a/src/libsystemd-network/test-dhcp-client.c +++ b/src/libsystemd-network/test-dhcp-client.c @@ -75,6 +75,12 @@ static void test_request_basic(sd_event *e) { assert_se(sd_dhcp_client_set_ifindex(client, 0) == -EINVAL); assert_se(sd_dhcp_client_set_ifindex(client, 1) == 0); + assert_se(sd_dhcp_client_set_hostname(client, "host") == 1); + assert_se(sd_dhcp_client_set_hostname(client, "host.domain") == 1); + assert_se(sd_dhcp_client_set_hostname(client, NULL) == 1); + assert_se(sd_dhcp_client_set_hostname(client, "~host") == -EINVAL); + assert_se(sd_dhcp_client_set_hostname(client, "~host.domain") == -EINVAL); + assert_se(sd_dhcp_client_set_request_option(client, SD_DHCP_OPTION_SUBNET_MASK) == -EEXIST); assert_se(sd_dhcp_client_set_request_option(client, |