Fix invalid DNS SAN entries (#795) #802
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Changes here fix a situation where a edge device's host name that begins with number(s) [0-9] gets sanitized. For example host name "2019edgehost" is consumed as "edgehost". This has caused problems was observed when using VMs that begin with numbers since it appears to be permitted configuration contrary to RFC 1035. The changes involve passing the configured host name as is into the SAN entry without any modifications. The module id DNS entry continues to be sanitized.
varunpuranik
reviewed
Feb 4, 2019
| @@ -87,7 +89,10 @@ where | |||
| // an alternative DNS name; we also need to add the common_name that we are using | |||
| // as a DNS name since the presence of a DNS name SAN will take precedence over | |||
| // the common name | |||
| let sans = vec![prepare_dns_san_entries(&[&module_id, common_name])]; | |||
| let sans = vec![append_dns_san_entries( | |||
| &prepare_dns_san_entries(&[&module_id]), | |||
There was a problem hiding this comment.
Feels like this should be made prepare_dns_san_entry again..
varunpuranik
approved these changes
Feb 4, 2019
|
Didn't this already get merged? |
|
Ah this is on the 1.0.6 release. |
This reverts commit a8148cc.
Changes here fix a situation where a edge device's host name that begins with number(s) [0-9] gets sanitized. For example host name "2019edgehost" is consumed as "edgehost". This has caused problems was observed when using VMs that begin with numbers since it appears to be permitted configuration contrary to RFC 1035. The changes involve passing the configured host name as is into the SAN entry without any modifications. The module id DNS entry continues to be sanitized.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Changes here fix a situation where a edge device's host name that begins with number(s) [0-9] gets sanitized. For example host name "2019edgehost" is consumed as "edgehost". This has caused problems was observed when using VMs that begin with numbers since it appears to be permitted configuration contrary to RFC 1035.
The changes involve passing the configured host name as is into the SAN entry without any modifications. The module id DNS entry continues to be sanitized.