aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSergey Poznyakoff <gray@gnu.org.ua>2014-12-19 15:46:51 +0200
committerSergey Poznyakoff <gray@gnu.org.ua>2014-12-19 15:46:51 +0200
commit9896bd62c08a160b75a2dc6c969b4b14eea3d3fa (patch)
treef6845d8754b3b692903eb5dc6cf58d65944ec1c6
parente11146fd1b10a8cf565ddf0c73b555ccfed21b59 (diff)
downloaddnstools-9896bd62c08a160b75a2dc6c969b4b14eea3d3fa.tar.gz
dnstools-9896bd62c08a160b75a2dc6c969b4b14eea3d3fa.tar.bz2
vhostcname: add checks for domain name validity
* vhostcname/vhostcname: New option --allow-wildcard-domains. (valid_domain_name): new sub (get_cnames): Skip domain names that don't pass the validity check.
-rwxr-xr-xvhostcname/vhostcname38
1 files changed, 37 insertions, 1 deletions
diff --git a/vhostcname/vhostcname b/vhostcname/vhostcname
index 917cd73..359101c 100755
--- a/vhostcname/vhostcname
+++ b/vhostcname/vhostcname
@@ -39,2 +39,3 @@ my $dry_run; # Dry-run mode.
my $debug; # Debug level.
+my $allow_wildcard_domains;
@@ -78,2 +79,18 @@ sub read_config_file($) {
+# Domain names may be formed from the set of alphanumeric ASCII characters
+# (a-z, A-Z, 0-9). In addition the hyphen is permitted if it is surrounded
+# by characters, digits or hyphens, although it is not to start or end a
+# label.
+sub valid_domain_name {
+ my $name = shift;
+ $name =~ s/^\*\.// if ($allow_wildcard_domains);
+ foreach my $label (split(/\./, $name)) {
+ $label =~ s/-+/-/g;
+ $label =~ s/[a-zA-Z0-9]-[a-zA-Z0-9]//g;
+ return 0 if $label =~ /^-/ or $label =~ /-$/;
+ return 0 if $label =~ /[^a-zA-Z0-9]/;
+ }
+ return 1;
+}
+
sub get_cnames($) {
@@ -90,2 +107,3 @@ sub get_cnames($) {
};
+ my $line = 0;
while (<$fd>) {
@@ -97,4 +115,15 @@ sub get_cnames($) {
foreach my $name (split /\s+/, $2) {
+ unless (valid_domain_name($name)) {
+ print STDERR "$script: $file:$line: $name: invalid domain name\n";
+ next;
+ }
foreach my $z (@zone) {
- $ret{$name} = $z if ($name =~ /.*\.$z/);
+ if ($name =~ /.*\.$z$/) {
+ if ($name =~ /^\*\.(.+)/ and $1 eq $z) {
+ print STDERR "$script: $file:$line: $name: first-level wildcard\n";
+ next;
+ }
+ $ret{$name} = $z;
+ last;
+ }
}
@@ -287,2 +316,3 @@ GetOptions("help" => \$man,
"server=s" => \$nameserver,
+ "allow-wildcard-domains" => \$allow_wildcard_domains
) or exit(3);
@@ -428,2 +458,8 @@ Ignored
+=item B<--allow-wildcard-domains>
+
+Allow the use of wildcard (B<*>). When this option is in effect, a wildcard
+will be allowed if it is the very first label in a domain name and it is
+separated from the base zone (see the B<--zone> option) by one or more labels.
+
=item B<--apache-config-directory=>I<DIR>

Return to:

Send suggestions and report system problems to the System administrator.