add messaging hostname validation
nasark committed Jul 17, 2024
1 parent 71b6dfb commit 9273bf6
Showing 3 changed files with 31 additions and 13 deletions.
23 changes: 22 additions & 1 deletion lib/manageiq/appliance_console/message_configuration.rb
@@ -68,7 +68,7 @@ def ask_questions
show_parameters
return false unless agree("\nProceed? (Y/N): ")

return false unless host_reachable?(message_server_host, "Message Server Host:")
return false unless host_resolvable?(message_server_host) && host_reachable?(message_server_host, "Message Server Host:")

true
end
@@ -190,6 +190,27 @@ def host_reachable?(host, what)
true
end

def host_resolvable?(host)
require 'resolv'

say("Checking if #{host} is resolvable ... ")
begin
ip_address = Resolv.getaddress(host)
if ip_address == "127.0.0.1" || ip_address == "::1"
say("Failed.\nThe hostname must not resolve to 127.0.0.1")

return false
end
rescue Resolv::ResolvError => e
say("Failed.\nHostname #{host} is not resolvable: #{e.message}")

return false
end

say("Succeeded.")
true
end

def unconfigure
remove_installed_files
end
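Review bot: The loopback test in `host_resolvable?` looks only at the first address returned by `Resolv.getaddress` and compares it with the two literals `127.0.0.1` and `::1`, so a name that maps to another address in 127.0.0.0/8 (a `127.0.1.1` hosts-file entry, for example) or that lists a loopback address after a routable one still passes. Checking every result of `Resolv.getaddresses` with `IPAddr#loopback?` closes both gaps, and the failure text can then say "loopback address" instead of naming only 127.0.0.1 when `::1` is rejected too. `Resolv.getaddresses` returns an empty array instead of raising, so the unresolvable case becomes an explicit empty check. If scoped IPv6 entries can appear in the hosts file, confirm that `IPAddr.new` accepts them on the supported Ruby version.

```ruby
def host_resolvable?(host)
  require 'resolv'
  require 'ipaddr'

  # … unchanged: "Checking if ... is resolvable" message …
  addresses = Resolv.getaddresses(host)
  if addresses.empty?
    say("Failed.\nHostname #{host} is not resolvable")
    return false
  end

  if addresses.any? { |address| IPAddr.new(address).loopback? }
    say("Failed.\nThe hostname must not resolve to a loopback address")
    return false
  end
  # … unchanged: success message and return value …
```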
15 changes: 3 additions & 12 deletions lib/manageiq/appliance_console/message_configuration_server.rb
@@ -68,11 +68,7 @@ def restart_services
def ask_for_parameters
say("\nMessage Server Parameters:\n\n")

@message_server_host = ask_for_string("Message Server Hostname or IP address", message_server_host)

# SSL Validation for Kafka does not work for hostnames containing "localhost"
# Therefore we replace with the equivalent IP "127.0.0.1" if a /localhost*/ hostname was entered
@message_server_host = "127.0.0.1" if @message_server_host.include?("localhost")
@message_server_host = ask_for_messaging_hostname("Message Server Hostname", message_server_host)

@message_keystore_username = ask_for_string("Message Keystore Username", message_keystore_username)
@message_keystore_password = ask_for_new_password("Message Keystore Password")
@@ -301,13 +297,8 @@ def assemble_keystore_params
"-genkey" => nil,
"-keyalg" => "RSA"}

if message_server_host.ipaddress?
keystore_params["-alias"] = "localhost"
keystore_params["-ext"] = "san=ip:#{message_server_host}"
else
keystore_params["-alias"] = message_server_host
keystore_params["-ext"] = "san=dns:#{message_server_host}"
end
keystore_params["-alias"] = message_server_host
keystore_params["-ext"] = "san=dns:#{message_server_host}"

keystore_params["-dname"] = "cn=#{keystore_params["-alias"]}"

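Review bot: `assemble_keystore_params` now always writes `san=dns:#{message_server_host}`, which is only correct when the value is guaranteed to be a host name, and that guarantee comes solely from the new `ask_for_messaging_hostname` prompt in `ask_for_parameters`. If `message_server_host` can be set without passing through that prompt (for instance from options handed to the class, which this page does not show), an IP address would yield a certificate whose SAN entry has the wrong type, and TLS verification against it would fail later with a much less obvious error. A guard before the keystore parameters are built, such as `raise ArgumentError, "message_server_host must be a hostname, not an IP address" if message_server_host.ipaddress?`, would fail early instead. Both method bodies continue outside the visible hunks.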
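--- a/lib/manageiq/appliance_console/prompts.rb
+++ b/lib/manageiq/appliance_console/prompts.rb
@@ -14,6 +14,7 @@ module Prompts
 INT_REGEXP = /^[0-9]+$/
 NONE_REGEXP = /^('?NONE'?)?$/i.freeze
 HOSTNAME_REGEXP = /^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])$/.freeze
+MESSAGING_HOSTNAME_REGEXP = /^(?!.*localhost)(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])$/.freeze
 
 def ask_for_uri(prompt, expected_scheme, opts = {})
 require 'uri'
@@ -71,6 +72,11 @@ def ask_for_hostname(prompt, default = nil, validate = HOSTNAME_REGEXP, error_te
 just_ask(prompt, default, validate, error_text, &block)
 end
 
+def ask_for_messaging_hostname(prompt, default = nil, error_text = "a valid Messaging Hostname (not an IP or localhost)", &block)
+validation = ->(h) { h =~ MESSAGING_HOSTNAME_REGEXP && h !~ IP_REGEXP }
+just_ask(prompt, default, validation, error_text, &block)
+end
+
 def ask_for_ip_or_hostname(prompt, default = nil)
 validation = ->(h) { (h =~ HOSTNAME_REGEXP || h =~ IP_REGEXP) && h.length > 0 }
 ask_for_ip(prompt, default, validation, "a valid Hostname or IP Address.")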
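Review bot: The `(?!.*localhost)` lookahead in `MESSAGING_HOSTNAME_REGEXP` is case-sensitive, so `Localhost` or `LOCALHOST` passes the prompt even though host names compare case-insensitively; the resolution check added in message_configuration.rb is then the only backstop. The pattern also anchors with `^` and `$`, which match at line boundaries in Ruby, so it validates one line of the input and not the whole string. Adding the `i` flag and anchoring with `\A` and `\z`, i.e. `/\A(?!.*localhost)(…)\z/i.freeze` with the label groups unchanged, addresses both. A short comment above the constant saying why any name containing "localhost" is refused would also help, since the explanatory comment this commit removes from message_configuration_server.rb was the only place that reason was recorded.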
