Check for hostname validity

2025-10-31 00:25:06 +01:00 · 2013-04-27 14:59:25 +02:00
parent d46f226e32
commit bbf0c42141
2 changed files with 33 additions and 3 deletions
--- a/lib/dyndnsd.rb
+++ b/lib/dyndnsd.rb
@@ -31,6 +31,7 @@ module Dyndnsd
  class Daemon
    def initialize(config, db, updater, responder)
      @users = config['users']
+      @domain = config['domain']
      @db = db
      @updater = updater
      @responder = responder
@@ -45,6 +46,14 @@ module Dyndnsd
      @updater.update(@db)
    end
    
+    def is_fqdn_valid?(hostname)
+      return false if hostname.length < @domain.length + 2
+      return false if not hostname.end_with?(@domain)
+      name = hostname.chomp(@domain)
+      return false if not name.match(/^[a-zA-Z0-9_-]+\.$/)
+      true
+    end
+    
    def call(env)
      return @responder.response_for(:method_forbidden) if env["REQUEST_METHOD"] != "GET"
      return @responder.response_for(:not_found) if env["PATH_INFO"] != "/nic/update"
@@ -55,8 +64,8 @@ module Dyndnsd
      
      hostname = params["hostname"]
      
-      # Check if hostname(s) match rules
-      #return @responder.response_for(:hostname_malformed) if XY
+      # Check if hostname match rules
+      return @responder.response_for(:hostname_malformed) if not is_fqdn_valid?(hostname)
      
      user = env["REMOTE_USER"]
      
--- a/spec/daemon_spec.rb
+++ b/spec/daemon_spec.rb
@@ -5,6 +5,7 @@ describe Dyndnsd::Daemon do
  
  def app
    config = {
+      'domain' => 'example.org',
      'users' => {
        'test' => {
          'password' => 'secret',
@@ -79,7 +80,27 @@ describe Dyndnsd::Daemon do
  end
  
  it 'forbids invalid hostnames' do
-    pending
+    authorize 'test', 'secret'
+    
+    get '/nic/update?hostname=test'
+    last_response.should be_ok
+    last_response.body.should == 'notfqdn'
+    
+    get '/nic/update?hostname=test.example.com'
+    last_response.should be_ok
+    last_response.body.should == 'notfqdn'
+    
+    get '/nic/update?hostname=test.example.org.me'
+    last_response.should be_ok
+    last_response.body.should == 'notfqdn'
+    
+    get '/nic/update?hostname=foo.test.example.org'
+    last_response.should be_ok
+    last_response.body.should == 'notfqdn'
+    
+    get '/nic/update?hostname=in%20valid.example.org.me'
+    last_response.should be_ok
+    last_response.body.should == 'notfqdn'
  end
  
  it 'outputs status per hostname' do