Bug 12648

Summary: general-functions.pl: validdomainname() treats an empty string as a valid domain name
Product: IPFire
Reporter: Peter Müller <peter.mueller>
Component: ---
Assignee: Bernhard Bitsch <bbitsch>
Status: ASSIGNED ---
QA Contact:
Severity: Minor Usability
Priority: - Unknown -
CC: bbitsch, michael.tremer
Version: 2
Keywords: 5MinuteJob
Hardware: all
OS: All

Description Peter Müller 2021-06-27 08:08:25 UTC
Bernhard discovered this in https://community.ipfire.org/t/unbound-is-not-running/5695/6.
Comment 1 Michael Tremer 2021-06-28 10:37:40 UTC
Is this something for you, Leo?
Comment 2 Leo Hofmann 2021-06-28 20:31:38 UTC
(In reply to Michael Tremer from comment #1)
> Is this something for you, Leo?

Hi Michael, this looks like something for the next rainy evening :)

At the moment the function would also accept an IP (in the format 1.2.3.4) as the domain name.
Is that intentional, or should it require letters in the TLD?
Comment 3 Bernhard Bitsch 2021-06-29 10:42:14 UTC
RFC1123 states explicitly that IPs are allowed as host names.
So it is OK if the function allows that.

Investigation of the usage of validdomainname() shows that dnsforward.cgi is the only file not checking for empty host/domain names.
In wio.cgi it is perhaps better to use validfqdn() instead of validdomainname().
Comment 4 Bernhard Bitsch 2021-06-29 10:43:58 UTC
Another view of the empty string would be to allow the top domain ( . ).
Comment 5 Leo Hofmann 2021-06-30 11:41:56 UTC
Hi Bernhard,
thank you! Have I understood this correctly now?

Allowed names: "abc123xyz", "_-abc.xyz", "."
Invalid names: "" (empty string), "-.abc", "-", "..."
Comment 6 Bernhard Bitsch 2021-06-30 15:20:25 UTC
Allowed names are those of the cited RFCs.
This little program helps to check:

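#!/usr/bin/perl
use strict;
use warnings;

# Split each test string on '.' and print the number of parts and the parts.
my @parts;
my ($part,$n);
my @t = ("host","host.dom.tld",".","","...","host.dom.tld.");

foreach my $t (@t) {
	@parts = split(/\./,$t);	# split drops trailing empty fields
	$n = scalar(@parts);
	printf "t=%-20s\t n=%2d\tparts=", $t, $n;
	foreach $part(@parts) {
		printf ">%s< ",$part;
	}
	print "\n";
}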

The empty string and the strings containing only '.' result in an empty parts list.
So it isn't allowed to use the top domain.
Further, it is allowed to use the FQDN ( with trailing '.' ). This is true for the validfqdn() function also.
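
Added example (not part of the comment above and not IPFire's code): a hypothetical validator that splits on '.' and checks each label, showing why the empty parts list printed by the program above lets "", "." and "..." pass a per-label loop, next to a stricter variant. The function names and the label rule are assumptions made for illustration; the stricter variant rejects "." as stated in comment 6 and accepts the trailing-dot FQDN form.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Hypothetical label rule (an assumption, not IPFire's rule set):
# 1-63 characters from [A-Za-z0-9_-], no '-' at the start or end.
sub label_ok {
	my ($label) = @_;
	return 0 if length($label) < 1 || length($label) > 63;
	return 0 if $label !~ /\A[A-Za-z0-9_-]+\z/;
	return 0 if $label =~ /\A-/ || $label =~ /-\z/;
	return 1;
}

# Naive validator: only loops over the labels. When split() returns an
# empty list the loop body never runs and the name is accepted.
sub valid_naive {
	my ($name) = @_;
	return 0 if length($name) > 253;
	foreach my $label (split(/\./, $name)) {
		return 0 unless label_ok($label);
	}
	return 1;
}

# Stricter validator: rejects the empty string explicitly, strips one
# trailing '.' (FQDN form) and passes limit -1 so split() keeps empty
# trailing labels instead of silently dropping them.
sub valid_strict {
	my ($name) = @_;
	return 0 if !defined($name) || $name eq '' || length($name) > 253;
	$name =~ s/\.\z//;                   # "host.dom.tld." -> "host.dom.tld"
	my @labels = split(/\./, $name, -1);
	return 0 unless @labels;             # "." became "", which has no labels
	foreach my $label (@labels) {
		return 0 unless label_ok($label);
	}
	return 1;
}

# Test strings taken from comment 6 of this bug.
foreach my $name ("host", "host.dom.tld", ".", "", "...", "host.dom.tld.") {
	printf "%-16s naive=%d strict=%d\n",
		"'$name'", valid_naive($name), valid_strict($name);
}
```

A caller that relies on the validator alone, without its own emptiness check, inherits the naive result.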
Comment 7 Leo Hofmann 2021-06-30 16:45:57 UTC
Bernhard, since you are much more familiar with these RFCs and have already researched and written code, I think you should take over.
I'm handing this back. Sorry for the noise.