From 0a97328acca543f5538cfb77063d001bcff74f26 Mon Sep 17 00:00:00 2001
From: William Wernert <william.wernert@securityonionsolutions.com>
Date: Mon, 29 Jun 2020 15:53:21 -0400
Subject: [PATCH] [fix] Apply regex filter to hostname input

---
 setup/so-whiptail | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/setup/so-whiptail b/setup/so-whiptail
index 2af8db7e3..e5ebb8827 100755
--- a/setup/so-whiptail
+++ b/setup/so-whiptail
@@ -961,16 +961,23 @@ whiptail_set_hostname() {
 
 	HOSTNAME=$(cat /etc/hostname)
 
+	if [[ "$HOSTNAME" == *'localhost'* ]]; then HOSTNAME=securityonion; fi
+
 	HOSTNAME=$(whiptail --title "Security Onion Setup" --inputbox \
-	"Enter the Hostname you would like to set." 10 75 "$HOSTNAME" 3>&1 1>&2 2>&3)
+	"Enter the hostname (not FQDN) you would like to set." 10 75 "$HOSTNAME" 3>&1 1>&2 2>&3)
 
 	local exitstatus=$?
 	whiptail_check_exitstatus $exitstatus
 
-	while [[ "$HOSTNAME" == *'localhost'* ]] ; do
-		whiptail --title "Security Onion Setup" --msgbox "Please choose a hostname that doesn't contain localhost." 8 75
+	while [[ $HOSTNAME == *'localhost'* || ! ( $HOSTNAME =~ ^[a-zA-Z0-9\-]*$ ) ]] ; do
+		local error_message
+		error_message=$(echo "Please choose a valid hostname. It cannot contain localhost; and must contain only \
+			the ASCII letters 'a' through 'z' (case-insensitive), the digits '0' through '9', \
+			and hyphen ('-')" | tr -d '\t')
+		whiptail --title "Security Onion Setup" \
+		--msgbox "$error_message" 10 75
 		HOSTNAME=$(whiptail --title "Security Onion Setup" --inputbox \
-		"Enter the Hostname you would like to set." 10 75 "$HOSTNAME" 3>&1 1>&2 2>&3)
+		"Enter the hostname (not FQDN) you would like to set." 10 75 "$HOSTNAME" 3>&1 1>&2 2>&3)
 		local exitstatus=$?
 		whiptail_check_exitstatus $exitstatus
 	done