[Xymon] Hostname validation (was Re: Xymon 4.3.29 Released - Important Security Update)

Richard L. Hamilton rlhamil2 at gmail.com
Mon Aug 5 23:21:33 CEST 2019


Seems to me that underscore is mainly a problem with address 0.0.0.0 in hosts.cfg (name to IP address resolution via host naming services, esp. if that ends up being DNS). If an IP address in hosts.cfg is used, and the hostname there isn't used in some other way, I don't guess it would matter.

Either a reminder in documentation (including in the hosts.cfg.5.html file) or a check and warning in case a name with underscore was used with non hosts.cfg resolution would probably keep people out of trouble; although underscores are wrong, they're widely tolerated in non-DNS hostnames, so I can see allowing them when they wouldn't cause further problems.

> On Aug 5, 2019, at 16:26, Japheth Cleaver <cleaver at terabithia.org> wrote:
> 
> Thanks, this does indeed fix the issue. I've added in underscores (which have been valid for hostnames in xymon, though not in reality) to match the checks elsewhere. Would appreciate if others could confirm on this.
> 
> Fix/patch is committed in https://sourceforge.net/p/xymon/code/8072/ ; 4.3.30 with this to come shortly.
> 
> Regards,
> -jc
> 
> On 8/5/2019 10:54 AM, Tom Schmidt (tschmidt) wrote:
>> I looked at the source code of 4.3.29 for more instances where dashes in the hostname was not being accepted.  I found that the web/reportlog.c file also needed patched to allow dashes and underscores in hostnames and service names for the "Availability Report" feature.  Attached is the patch file for it as well.
>> 
>> 
>> 
>> 
>> Tom Schmidt
>> Sr Manager, IT, Product Engineering
>> IT ETD Eng Sites US
>> Micron Technology, Inc.
>> Office: +1 (208) 368-4058  Fax: (208)368-2807
>> Email: tschmidt at micron.com  Website: micron.com
>> Micron Technology, Inc., Confidential and Proprietary.
>> 
>> 
>> -----Original Message-----
>> From: Tom Schmidt (tschmidt)
>> Sent: Monday, August 5, 2019 11:03 AM
>> To: Richard L. Hamilton <rlhamil2 at gmail.com>; xymon at xymon.com
>> Subject: RE: [EXT] Re: [Xymon] Xymon 4.3.29 Released - Important Security Update
>> 
>> I likewise see that history button issue for hostnames with dashes or underscores.  Attached is a context diff patch file to fix the issue.  Are there other alphanumerics in hostnames that should be added to line 608 of the web/history.c file?
>> 
>> 
>> Tom Schmidt
>> Sr Manager, IT, Product Engineering
>> IT ETD Eng Sites US
>> Micron Technology, Inc.
>> Office: +1 (208) 368-4058  Fax: (208)368-2807
>> Email: tschmidt at micron.com  Website: micron.com Micron Technology, Inc., Confidential and Proprietary.
>> 
>> 
>> -----Original Message-----
>> From: Xymon <xymon-bounces at xymon.com> On Behalf Of Richard L. Hamilton
>> Sent: Monday, August 5, 2019 10:53 AM
>> To: xymon at xymon.com
>> Subject: [EXT] Re: [Xymon] Xymon 4.3.29 Released - Important Security Update
>> 
>> Yes, I'm seeing the dash problem too.  Some of my VMs have dashes in the name (since they don't migrate, it makes it easier to remember which host they're on); most don't run all the time ("dialup" if you will), but one (actually a Solaris zone) does.  All the ones with dashes in the name get "Cannot open history file".  Please fix!!!
>> 
>>> On Aug 5, 2019, at 11:51, John Horne <john.horne at plymouth.ac.uk> wrote:
>>> 
>>> On Mon, 2019-08-05 at 07:52 -0700, Japheth Cleaver wrote:
>>>> On 8/5/2019 6:19 AM, Dirk Kastens wrote:
>>>>> Hi,
>>>>> 
>>>>> I just upgraded our xymon server on Scientific Linux release 6.10
>>>>> frpm xymon 4.3.28 to 4.3.29.
>>>>> 
>>>>> Two things are not working any longer:
>>>>> 
>>>>> http authentication: I defined the login information in the file
>>>>> /etc/xymon/netrc, which worked before the upgrade. Now the http test
>>>>> are red with the message "Authorization Required".
>>>>> 
>>>>> history files cannot be opened any more. When I click on the history
>>>>> button of a test, I get an empty page with the message "Cannot open
>>>>> history file"
>>>> Thanks,
>>>> 
>>> ...
>>> 
>>>> For history file checking, can you verify that hosts with dashes in
>>>> the name show this symptom while those with just alphanumerics (and
>>>> periods) don't? I believe this may actually be the bug cause here.
>>>> 
>>> Interesting. Can confirm that our clients without a hyphen/dash in the
>>> name work fine with history. The hosts with a hyphen/dash do not -
>>> they get a "Cannot open history file" error.
>>> 
>>> 
>>> 
>>> John.
>>> 
> 
> _______________________________________________
> Xymon mailing list
> Xymon at xymon.com
> http://lists.xymon.com/mailman/listinfo/xymon



More information about the Xymon mailing list