Bug 36012

Summary: Warn about hostnames with underscores
Product: UCS Reporter: Janis Meybohm <meybohm>
Component: UMC - System diagnosticAssignee: Lukas Oyen <oyen>
Status: CLOSED FIXED QA Contact: Jürn Brodersen <brodersen>
Severity: normal    
Priority: P5 CC: best, gohmann, oyen, requate
Version: UCS 4.1Flags: oyen: Patch_Available+
Target Milestone: UCS 4.2-2-errata   
Hardware: Other   
OS: Linux   
What kind of report is it?: Feature Request What type of bug is this?: ---
Who will be affected by this bug?: --- How will those affected feel about the bug?: ---
User Pain: Enterprise Customer affected?:
School Customer affected?: ISV affected?:
Waiting Support: Flags outvoted (downgraded) after PO Review:
Ticket number: Bug group (optional):
Max CVSS v3 score:
Attachments: 36012-diagnostic-hostname-check-420.patch
36012-diagnostic-hostname-check-420.patch

Description Janis Meybohm univentionstaff 2014-09-29 09:06:47 CEST 
We (UMC) allow hostnames to have underscores (bug31798) presumably to be able to takeover AD domains that may contain hostnames converted from NetBIOS names that may contain underscores.

A customer reported via http://forum.univention.de/viewtopic.php?f=48&t=3492 that registering those host names in DNS may fail.

We could add a diagnostic module to check for "not RFC compliant" host names.
Comment 1 Lukas Oyen univentionstaff 2017-06-08 15:02:17 CEST 
Created attachment 8909 [details]
36012-diagnostic-hostname-check-420.patch

Check hostnames (filter objectClass=univentionHost, attribute cn) for RFC 1123 [1] compliance. If any non-compliant hostnames are found, a Warning is raised.

[1]: https://tools.ietf.org/html/rfc1123#section-2
Comment 2 Lukas Oyen univentionstaff 2017-06-08 15:03:35 CEST 
Created attachment 8910 [details]
36012-diagnostic-hostname-check-420.patch

Update, forgot to squash.
Comment 3 Lukas Oyen univentionstaff 2017-08-01 16:27:16 CEST 
Committed in r81609 - r81610 (advisory r81649).
Comment 4 Jürn Brodersen univentionstaff 2017-08-30 15:44:58 CEST 
Looks good :)

What I tested:
Checked two computers with: "cn=foo-" and "cn=foo_under" -> The diagnose module warned me about them -> OK

YAML -> OK

Note:
If I understand the RFC correctly dots in hostnames and hostnames up to 255 characters would be ok, too. But that way we might not be able to add them to the dns. Because of that I would say the regex is good.
Comment 5 Lukas Oyen univentionstaff 2017-09-04 09:37:50 CEST 
(In reply to Jürn Brodersen from comment #4)
> If I understand the RFC correctly dots in hostnames and hostnames up to 255
> characters would be ok, too. But that way we might not be able to add them
> to the dns. Because of that I would say the regex is good.

The regex is the one from `hostName` from univention.admin.syntax without the underscores.
Comment 6 Erik Damrose univentionstaff 2017-09-20 15:03:38 CEST 
<http://errata.software-univention.de/ucs/4.2/166.html>