<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<div class="moz-cite-prefix">I recall this being a debate back in
the 4.3.26 timeframe as well, when we were tightening
restrictions, but I couldn't find any of the messages in the
archive. Ultimately, I believe slashes were might have been being
used by some folks, so I wanted to minimize disruption then. Hence
in the 4.3.26 notes:</div>
<div class="moz-cite-prefix">
<blockquote>Incoming test names are now restricted to alphanumeric
characters, colons<br>
dashes, underscores, and slashes. Slashes and colons may be
restricted in<br>
a future release.<br>
<br>
Unconfigured (ghost) host names are now restricted to
alphanumerics, colons,<br>
commas, periods, dashes, and underscores. It is strongly
recommended to use only<br>
valid hostnames and DNS components in servers names.<br>
</blockquote>
<br>
</div>
<div class="moz-cite-prefix">So DNS-safe domain components and
Unix-safe hostnames would remain the suggestion going forward, but
not enforced as such in 4.3.</div>
<div class="moz-cite-prefix"><br>
</div>
<div class="moz-cite-prefix">-jc<br>
</div>
<div class="moz-cite-prefix"><br>
</div>
<div class="moz-cite-prefix"><br>
</div>
<div class="moz-cite-prefix">On 8/5/2019 4:04 PM, Tom Schmidt
(tschmidt) wrote:<br>
</div>
<blockquote type="cite"
cite="mid:BYAPR08MB5190E621E73589E8D20CACE2B9DA0@BYAPR08MB5190.namprd08.prod.outlook.com">
<pre class="moz-quote-pre" wrap="">I did not mean for this to get into a debate. The systems I am monitoring with Xymon do not have underscores in their hostnames but many have the hyphen. When I queried my companies DNS server, a few CNAME records have underscores, but no A records have an underscore. Xymon could monitor a system using a CNAME record, so IMHO it should still allow it for the reporting and history features.
Tom Schmidt
Sr Manager, IT, Product Engineering
IT ETD Eng Sites US
Micron Technology, Inc.
Office: +1 (208) 368-4058 Fax: (208)368-2807
Email: <a class="moz-txt-link-abbreviated" href="mailto:tschmidt@micron.com">tschmidt@micron.com</a> Website: micron.com
Micron Technology, Inc., Confidential and Proprietary.
-----Original Message-----
From: Xymon <a class="moz-txt-link-rfc2396E" href="mailto:xymon-bounces@xymon.com"><xymon-bounces@xymon.com></a> On Behalf Of Axel Beckert
Sent: Monday, August 5, 2019 3:48 PM
To: <a class="moz-txt-link-abbreviated" href="mailto:xymon@xymon.com">xymon@xymon.com</a>
Subject: [EXT] Re: [Xymon] Hostname validation (was Re: Xymon 4.3.29 Released - Important Security Update)
Hi,
On Mon, Aug 05, 2019 at 05:21:33PM -0400, Richard L. Hamilton wrote:
</pre>
<blockquote type="cite">
<pre class="moz-quote-pre" wrap="">Seems to me that underscore is mainly a problem with address 0.0.0.0
in hosts.cfg (name to IP address resolution via host naming services,
esp. if that ends up being DNS). If an IP address in hosts.cfg is
used, and the hostname there isn't used in some other way, I don't
guess it would matter.
</pre>
</blockquote>
<pre class="moz-quote-pre" wrap="">
Hmmm, indeed
<a class="moz-txt-link-freetext" href="https://nam01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fen.wikipedia.org%2Fwiki%2FDomain_Name_System%23Domain_name_syntax%2C_internationalization&data=02%7C01%7Ctschmidt%40micron.com%7C7bdb890c737b4e9b908708d719eea31b%7Cf38a5ecd28134862b11bac1d563c806f%7C0%7C0%7C637006385051444790&sdata=Uo0pyo9e0AkeTihN9nPvLDW%2BizoaHNpp%2BCEuIFBkcVI%3D&reserved=0">https://nam01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fen.wikipedia.org%2Fwiki%2FDomain_Name_System%23Domain_name_syntax%2C_internationalization&data=02%7C01%7Ctschmidt%40micron.com%7C7bdb890c737b4e9b908708d719eea31b%7Cf38a5ecd28134862b11bac1d563c806f%7C0%7C0%7C637006385051444790&sdata=Uo0pyo9e0AkeTihN9nPvLDW%2BizoaHNpp%2BCEuIFBkcVI%3D&reserved=0</a>
as well as RFC 608, 810 and 952 say that no other characters than letters, digits and hyphens are allowed.
I'm though quite sure to already have seen hostnames with underscore and even a slash in the wild. The latter was though about 20 years ago or so where I saw router names of a university with a slash in their hostname.
Traces of hostnames with slashes can also be found on the web, e.g.
<a class="moz-txt-link-freetext" href="https://nam01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fserverfault.com%2Fquestions%2F963735%2Fsyslog-ng-hostnames-with-slashes&data=02%7C01%7Ctschmidt%40micron.com%7C7bdb890c737b4e9b908708d719eea31b%7Cf38a5ecd28134862b11bac1d563c806f%7C0%7C0%7C637006385051444790&sdata=YCiH8mRaATsBxF8w9APxCcYMdi81zSz1tzD2JnhWkZY%3D&reserved=0">https://nam01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fserverfault.com%2Fquestions%2F963735%2Fsyslog-ng-hostnames-with-slashes&data=02%7C01%7Ctschmidt%40micron.com%7C7bdb890c737b4e9b908708d719eea31b%7Cf38a5ecd28134862b11bac1d563c806f%7C0%7C0%7C637006385051444790&sdata=YCiH8mRaATsBxF8w9APxCcYMdi81zSz1tzD2JnhWkZY%3D&reserved=0</a>
And underscore is explicitly mentioned in
<a class="moz-txt-link-freetext" href="https://nam01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fen.wikipedia.org%2Fwiki%2FHostname%23Restrictions_on_valid_hostnames&data=02%7C01%7Ctschmidt%40micron.com%7C7bdb890c737b4e9b908708d719eea31b%7Cf38a5ecd28134862b11bac1d563c806f%7C0%7C0%7C637006385051444790&sdata=2TieCKA%2F1VVIIEMVdm7A3hU5q2CDggPp0b2R%2B9iEzhE%3D&reserved=0">https://nam01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fen.wikipedia.org%2Fwiki%2FHostname%23Restrictions_on_valid_hostnames&data=02%7C01%7Ctschmidt%40micron.com%7C7bdb890c737b4e9b908708d719eea31b%7Cf38a5ecd28134862b11bac1d563c806f%7C0%7C0%7C637006385051444790&sdata=2TieCKA%2F1VVIIEMVdm7A3hU5q2CDggPp0b2R%2B9iEzhE%3D&reserved=0</a>
So IMHO while not being standard-compliant hostnames, Xymon should accept at least hostnames with underscore, too.
On the other hand, I don't think, it's necessary to also add the slash to the list of valid characters for hostnames as the dot is already in there, too, and hostnames which are allowed to contain "/../" are definitely no good. :-)
Kind regards, Axel
</pre>
</blockquote>
<p><br>
</p>
</body>
</html>