Make sure that hostname specified by user is not an IP address.

ticket 1375

3 files changed, 10 insertions, 1 deletions

diff --git a/ipa-client/ipaclient/ipadiscovery.py b/ipa-client/ipaclient/ipadiscovery.py
index 77727b28e..ecd8275c4 100644
--- a/ipa-client/ipaclient/ipadiscovery.py
+++ b/ipa-client/ipaclient/ipadiscovery.py
@@ -24,7 +24,7 @@ import ipapython.dnsclient
 import tempfile
 import ldap
 from ldap import LDAPError
-from ipapython.ipautil import run, CalledProcessError
+from ipapython.ipautil import run, CalledProcessError, valid_ip
 
 
 NOT_FQDN = -1
@@ -119,6 +119,9 @@ class IPADiscovery:
                 if not hostname:
                     return BAD_HOST_CONFIG
 
+                if valid_ip(hostname):
+                    return NOT_FQDN
+
                 # first, check for an LDAP server for the local domain
                 p = hostname.find(".")
                 if p == -1: #no domain name
diff --git a/ipapython/ipautil.py b/ipapython/ipautil.py
index 0191662cd..da6e94c85 100644
--- a/ipapython/ipautil.py
+++ b/ipapython/ipautil.py
@@ -145,6 +145,9 @@ class CheckedIPAddress(netaddr.IPAddress):
     def is_local(self):
         return self.interface is not None
 
+def valid_ip(addr):
+    return netaddr.valid_ipv4(addr) or netaddr.valid_ipv6(addr)
+
 def realm_to_suffix(realm_name):
     s = realm_name.split(".")
     terms = ["dc=" + x.lower() for x in s]
diff --git a/ipaserver/install/installutils.py b/ipaserver/install/installutils.py
index c6e8641e4..df63b8e8c 100644
--- a/ipaserver/install/installutils.py
+++ b/ipaserver/install/installutils.py
@@ -120,6 +120,9 @@ def verify_fqdn(host_name,no_host_dns=False):
     if host_name != host_name.lower():
         raise RuntimeError("Invalid hostname '%s', must be lower-case." % host_name)
 
+    if ipautil.valid_ip(host_name):
+        raise RuntimeError("IP address not allowed as a hostname")
+
     if no_host_dns:
         print "Warning: skipping DNS resolution of host", host_name
         return