OpenSRF

Uppercase letters in trusted_domains breaks opensrf

Bug #1280410 reported by joshua lamos
12
This bug affects 2 people
Affects Status Importance Assigned to Milestone
OpenSRF
Confirmed
Low
Unassigned

Bug Description

Using a freshly built 2.2.2, having a fqdn with a capital letter in it will cause services to be unresponsive and some listeners (opensrf.math, opensrf.dbmath) do not even start.

If you lowercase the fqdn, everything seems to work.
        <router> <!-- private router -->
            <trusted_domains>
                <server>private.stock-precise-20g.gapines.org</server>
                <!-- only clients on the private domain can send requests to this router -->
                <client>private.stock-precise-20g.gapines.org</client>

Change it to upper, i.e. <server>private.stock-precise-20G.gapines.org</server>, and you encounter the problem.

All other instances of the fqdn in my case had the capital G (other instances in the config files, hostname -f, hosts file).

the listeners for math and dbmath don't stick around, you can't introspect the listeners that do manage to persist, and you end up with entries like these in router.log:
router 2014-02-14 14:08:27 [WARN:30479:osrf_router.c:302:] Received message from un-trusted server domain <email address hidden>/opensrf.persist_listener_stock-precise-20G.gapines.org_30495

Revision history for this message
Ben Shum (bshum) wrote :

Adding link to this super old dev thread where a similar problem with upper/lowercase names was discovered too.

http://libmail.georgialibraries.org/pipermail/open-ils-dev/2007-October/001912.html

Changed in opensrf:
status: New → Confirmed
Revision history for this message
Galen Charlton (gmc) wrote :

Just for the record for anybody running into this: the workaround is clear - use only lowercase for domain names and ejabberd host defintions.

XMPP domains are supposed to be compared in a case-insensitive fashion [1], so it would be reasonable for OpenSRF's trusted domains checks to do the same. Using strcasecmp would be a quick fix, though it looks like a fully standards-compliant fix would use libidn [2] or the like.

[1] To oversimplify, nowadays -- see https://tools.ietf.org/html/rfc6122#section-2.2 for the truly gory details.
[2] http://www.gnu.org/software/libidn/

Changed in opensrf:
importance: Undecided → Low
milestone: none → 2.4.0-alpha
Ben Shum (bshum)
Changed in opensrf:
milestone: 2.4.0-alpha → 2.4.0
Ben Shum (bshum)
Changed in opensrf:
milestone: 2.4.0 → 2.4.1
Galen Charlton (gmc)
Changed in opensrf:
milestone: 2.4.1 → none
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.