Bug 968952 - Alias name with ONLY dot should not be valid alias name
Alias name with ONLY dot should not be valid alias name
Status: CLOSED CURRENTRELEASE
Product: OpenShift Online
Classification: Red Hat
Component: Master (Show other bugs)
2.x
Unspecified Unspecified
medium Severity medium
: ---
: ---
Assigned To: Abhishek Gupta
libra bugs
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2013-05-30 06:52 EDT by Gaoyun Pei
Modified: 2015-05-14 20:54 EDT (History)
3 users (show)

See Also:
Fixed In Version: devenv_3295
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 969112 (view as bug list)
Environment:
Last Closed: 2013-06-11 00:14:12 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Gaoyun Pei 2013-05-30 06:52:42 EDT
Description of problem:
Alias name which only has dot, such as "." ".." could be added to application now, actually, they couldn't work well at all. 
And if I add alias ".." to an app, when I try to remove the alias name via rhc client, the app would be deleted.
Considering such alias name couldn't work well, we should mark such alias name as invalid.

Version-Release number of selected component (if applicable):
rhc-1.9.6-1.git.0.e6fd8d2.el6.noarch
devenv_3289

How reproducible:
Always

Steps to Reproduce:
1. Create an app, and add alias name ".." to it
[root@ip-10-141-154-81 ~]# rhc alias add app1 ..
Alias '..' has been added.
[root@ip-10-141-154-81 ~]# rhc app show app1
app1 @ http://app1-000.dev.rhcloud.com/ (uuid: 373974725158129627037696)
------------------------------------------------------------------------
  Created: 6:02 AM
  Gears:   1 (defaults to small)
  Git URL: ssh://373974725158129627037696@app1-000.dev.rhcloud.com/~/git/app1.git/
  SSH:     373974725158129627037696@app1-000.dev.rhcloud.com
  Aliases: ..

  ruby-1.8 (Ruby 1.8)
  -------------------
    Gears: 1 small

[root@ip-10-141-154-81 ~]# curl -H "Host: .."  10.141.154.81
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>400 Bad Request</title>
</head><body>
<h1>Bad Request</h1>
<p>Your browser sent a request that this server could not understand.<br />
</p>
<hr>
<address>Apache/2.2.15 (Red Hat) Server at .. Port 80</address>
</body></html>


2. Remove the alias name
[root@ip-10-141-154-81 ~]# rhc alias remove app1 ..
Alias '..' has been removed.
[root@ip-10-141-154-81 ~]# rhc app show app1
Application 'app1' not found for domain '000'


Actual results:
The alias name ".." couldn't work and application would be deleted when removing the alias.

Expected results:
Alias which only contains dot should be an invalid alias name.

Additional info:
Removing alias name action could be done normally by REST API, after removing alias name via REST API, the app is still there.
But when this action moved to rhc client, the broker would get a deleting application action request shown in user_action.log
...
SUCCESS DATE=2013-05-30 TIME=06:08:24 ACTION=AUTHENTICATE REQ_ID=aa0a8277876e5d2181863a6a4bef33ea USER_ID=51a723bbecf6c7c984000309 LOGIN=gpei IP=127.0.0.1 SCOPES=session Authenticated
SUCCESS DATE=2013-05-30 TIME=06:08:32 ACTION=DELETE_APPLICATION REQ_ID=aa0a8277876e5d2181863a6a4bef33ea USER_ID=51a723bbecf6c7c984000309 LOGIN=gpei APP=app1 DOMAIN=000 APP_UUID=373974725158129627037696 Application app1 is deleted.
...
Comment 1 Abhishek Gupta 2013-05-30 12:52:07 EDT
Bug 969112 has been created as a clone of this bug to capture the issue where trying to delete the alias with just a DOT as the name results in deleting the application. This bug is now focused on ensuring that we have the right alias name validations for creating an alias. 

Lowering the severity since the REST API is able to successfully delete the alias and this is just a matter of adding a validation.
Comment 2 Abhishek Gupta 2013-05-30 13:36:05 EDT
Take a look at the first response to the question posted on stackoverflow for some suggestions on the regex validation.

http://stackoverflow.com/questions/8848981/looking-to-build-some-regex-to-validate-domain-names-rfc-952-rfc-1123
Comment 3 Abhishek Gupta 2013-05-30 17:04:51 EDT
Fixed with --> https://github.com/openshift/origin-server/pull/2697
Comment 4 openshift-github-bot 2013-05-30 19:52:38 EDT
Commit pushed to master at https://github.com/openshift/origin-server

https://github.com/openshift/origin-server/commit/ebc0c36918a92d57a000ddab8bd20cd1748aa632
Fix for bug 968952
 - Fixing application alias validation regex
Comment 5 Abhishek Gupta 2013-05-30 21:38:04 EDT
Fix will be pushed to stage tomorrow.
Comment 6 Gaoyun Pei 2013-05-31 02:09:53 EDT
This bug was fixed on devenv_3296, move it to VERIFIED.

[root@ip-10-165-27-170 ~]# rhc alias add app1 ..
Invalid Server Alias '..' specified
[root@ip-10-165-27-170 ~]# rhc alias add app1 .
Invalid Server Alias '.' specified
[root@ip-10-165-27-170 ~]# rhc alias add app1 a..
Invalid Server Alias 'a..' specified
[root@ip-10-165-27-170 ~]# rhc alias add app1 ..a
Invalid Server Alias '..a' specified

[root@ip-10-165-27-170 ~]# curl -k -H 'Accept: application/xml' --user hhh:r https://localhost/broker/rest/domains/y/applications/app1/events -X POST -d event=add-alias -d alias=a..
<?xml version="1.0" encoding="UTF-8"?>
<response>
  <status>unprocessable_entity</status>
  <type nil="true"></type>
  <data>
    <datum nil="true"></datum>
  </data>
  <messages>
    <message>
      <severity>error</severity>
      <text>Invalid Server Alias 'a..' specified</text>
      <exit-code>105</exit-code>
      <field nil="true"></field>
    </message>
  </messages>
  <version>1.4</version>
  <supported-api-versions>
    <supported-api-version>1.0</supported-api-version>
    <supported-api-version>1.1</supported-api-version>
    <supported-api-version>1.2</supported-api-version>
    <supported-api-version>1.3</supported-api-version>
    <supported-api-version>1.4</supported-api-version>
  </supported-api-versions>
  <errors/>
</response>

Note You need to log in before you can comment on or make changes to this bug.