mgr/cephadm: enforce that a host is a valid DNS name

This combines the hostname restrictions

 * 1-63 chars
 * a-z, A-Z, 0-9, -

and the DNS name restrictions

 * .-delimited
 * no empty components (or leading or trailing .)
 * 250 chars total max

Note that this allows bare IPv4 addresses (which are indistinguishable from
a valid DNS name, AFAICS), but disallows bare IPv6 addresses.

Signed-off-by: Sage Weil <sage@redhat.com>

diff --git a/src/pybind/mgr/cephadm/module.py b/src/pybind/mgr/cephadm/module.py
index 53e759a4dbdf45f8613708cd9aaf451104b56deb..57478dff67725a894142e6f4c57e11b9815eee63 100644 (file)
--- a/src/pybind/mgr/cephadm/module.py
+++ b/src/pybind/mgr/cephadm/module.py
@@ -19,6 +19,7 @@ import os
 import random
 import tempfile
 import multiprocessing.pool
+import re
 import shutil
 import subprocess
 
@@ -88,6 +89,17 @@ def _name_to_entity_name(name):
     else:
         return name
 
+def assert_valid_host(name):
+    p = re.compile('^[a-zA-Z0-9-]+$')
+    try:
+        assert len(name) <= 250, 'name is too long (max 250 chars)'
+        parts = name.split('.')
+        for part in name.split('.'):
+            assert len(part) > 0, '.-delimited name component must not be empty'
+            assert len(part) <= 63, '.-delimited name component must not be more than 63 chars'
+            assert p.match(part), 'name component must include only a-z, 0-9, and -'
+    except AssertionError as e:
+        raise OrchestratorError(e)
 
 class AsyncCompletion(orchestrator.Completion):
     def __init__(self,
@@ -1121,6 +1133,7 @@ class CephadmOrchestrator(MgrModule, orchestrator.OrchestratorClientMixin):
 
         :param host: host name
         """
+        assert_valid_host(host)
         out, err, code = self._run_cephadm(host, 'client', 'check-host',
                                            ['--expect-hostname', host],
                                            error_ok=True, no_fsid=True)