Merge branch 'master' into improve-expiry-email

2020-06-04 15:51:17 -07:00 · 2020-06-04 15:51:17 -07:00 · e06c3ea192
parent 840408d5d2 8beaeffaec
commit e06c3ea192
5 changed files with 25 additions and 14 deletions
--- a/lemur/dns_providers/util.py
+++ b/lemur/dns_providers/util.py
@ -31,11 +31,11 @@ class DNSResolveError(DNSError):

 def is_valid_domain(domain):
    """Checks if a domain is syntactically valid and returns a bool"""
-    if len(domain) > 253:
-        return False
    if domain[-1] == ".":
        domain = domain[:-1]
-    fqdn_re = re.compile("(?=^.{1,254}$)(^(?:(?!\d+\.|-)[a-zA-Z0-9_\-]{1,63}(?<!-)\.?)+(?:[a-zA-Z]{2,})$)", re.IGNORECASE)
+    if len(domain) > 253:
+        return False
+    fqdn_re = re.compile("(?=^.{1,63}$)(^(?:[a-z0-9_](?:-*[a-z0-9_])+)$|^[a-z0-9]$)", re.IGNORECASE)
    return all(fqdn_re.match(d) for d in domain.split("."))


--- a/lemur/tests/test_dns_providers.py
+++ b/lemur/tests/test_dns_providers.py
@ -4,9 +4,20 @@ from lemur.dns_providers import util as dnsutil

 class TestDNSProvider(unittest.TestCase):
    def test_is_valid_domain(self):
-        self.assertTrue(dnsutil.is_valid_domain("example.com"))
-        self.assertTrue(dnsutil.is_valid_domain("foo.bar.org"))
-        self.assertTrue(dnsutil.is_valid_domain("_acme-chall.example.com"))
-        self.assertFalse(dnsutil.is_valid_domain("e/xample.com"))
-        self.assertFalse(dnsutil.is_valid_domain("exam\ple.com"))
-        self.assertFalse(dnsutil.is_valid_domain("*.example.com"))
+        self.assertTrue(dnsutil.is_valid_domain('example.com'))
+        self.assertTrue(dnsutil.is_valid_domain('foo.bar.org'))
+        self.assertTrue(dnsutil.is_valid_domain('exam--ple.io'))
+        self.assertTrue(dnsutil.is_valid_domain('a.example.com'))
+        self.assertTrue(dnsutil.is_valid_domain('example.io'))
+        self.assertTrue(dnsutil.is_valid_domain('example-of-under-63-character-domain-label-length-limit-1234567.com'))
+        self.assertFalse(dnsutil.is_valid_domain('example-of-over-63-character-domain-label-length-limit-123456789.com'))
+        self.assertTrue(dnsutil.is_valid_domain('_acme-chall.example.com'))
+        self.assertFalse(dnsutil.is_valid_domain('e/xample.com'))
+        self.assertFalse(dnsutil.is_valid_domain('exam\ple.com'))
+        self.assertFalse(dnsutil.is_valid_domain('<example.com'))
+        self.assertFalse(dnsutil.is_valid_domain('*.example.com'))
+        self.assertFalse(dnsutil.is_valid_domain('-example.io'))
+        self.assertFalse(dnsutil.is_valid_domain('example-.io'))
+        self.assertFalse(dnsutil.is_valid_domain('example..io'))
+        self.assertFalse(dnsutil.is_valid_domain('exa mple.io'))
+        self.assertFalse(dnsutil.is_valid_domain('-'))
--- a/requirements-docs.txt
+++ b/requirements-docs.txt
@ -16,7 +16,7 @@ babel==2.8.0              # via sphinx
 bcrypt==3.1.7             # via -r requirements.txt, flask-bcrypt, paramiko
 billiard==3.6.3.0         # via -r requirements.txt, celery
 blinker==1.4              # via -r requirements.txt, flask-mail, flask-principal, raven
-boto3==1.13.18            # via -r requirements.txt
+boto3==1.13.19            # via -r requirements.txt
 botocore==1.16.19         # via -r requirements.txt, boto3, s3transfer
 celery[redis]==4.4.2      # via -r requirements.txt
 certifi==2020.4.5.1       # via -r requirements.txt, requests
@ -38,7 +38,7 @@ flask-principal==0.4.0    # via -r requirements.txt
 flask-replicated==1.3     # via -r requirements.txt
 flask-restful==0.3.8      # via -r requirements.txt
 flask-script==2.0.6       # via -r requirements.txt
-flask-sqlalchemy==2.4.1   # via -r requirements.txt, flask-migrate
+flask-sqlalchemy==2.4.3   # via -r requirements.txt, flask-migrate
 flask==1.1.2              # via -r requirements.txt, flask-bcrypt, flask-cors, flask-mail, flask-migrate, flask-principal, flask-restful, flask-script, flask-sqlalchemy, raven
 future==0.18.2            # via -r requirements.txt, cloudflare
 gunicorn==20.0.4          # via -r requirements.txt
--- a/requirements-tests.txt
+++ b/requirements-tests.txt
@ -10,7 +10,7 @@ aws-sam-translator==1.22.0  # via cfn-lint
 aws-xray-sdk==2.5.0       # via moto
 bandit==1.6.2             # via -r requirements-tests.in
 black==19.10b0            # via -r requirements-tests.in
-boto3==1.13.18            # via aws-sam-translator, moto
+boto3==1.13.19            # via aws-sam-translator, moto
 boto==2.49.0              # via moto
 botocore==1.16.19         # via aws-xray-sdk, boto3, moto, s3transfer
 certifi==2020.4.5.1       # via requests
--- a/requirements.txt
+++ b/requirements.txt
@ -14,7 +14,7 @@ asyncpool==1.0            # via -r requirements.in
 bcrypt==3.1.7             # via flask-bcrypt, paramiko
 billiard==3.6.3.0         # via celery
 blinker==1.4              # via flask-mail, flask-principal, raven
-boto3==1.13.18            # via -r requirements.in
+boto3==1.13.19            # via -r requirements.in
 botocore==1.16.19         # via -r requirements.in, boto3, s3transfer
 celery[redis]==4.4.2      # via -r requirements.in
 certifi==2020.4.5.1       # via -r requirements.in, requests
@ -36,7 +36,7 @@ flask-principal==0.4.0    # via -r requirements.in
 flask-replicated==1.3     # via -r requirements.in
 flask-restful==0.3.8      # via -r requirements.in
 flask-script==2.0.6       # via -r requirements.in
-flask-sqlalchemy==2.4.1   # via -r requirements.in, flask-migrate
+flask-sqlalchemy==2.4.3   # via -r requirements.in, flask-migrate
 flask==1.1.2              # via -r requirements.in, flask-bcrypt, flask-cors, flask-mail, flask-migrate, flask-principal, flask-restful, flask-script, flask-sqlalchemy, raven
 future==0.18.2            # via -r requirements.in, cloudflare
 gunicorn==20.0.4          # via -r requirements.in