Add logic to show uppercase warning message when appropriate

2025-12-06 17:22:49 +01:00 · 2021-07-15 16:36:46 -04:00
parent ac98e1fd0f
commit b552973e00
3 changed files with 55 additions and 6 deletions
--- a/salt/common/tools/sbin/so-common
+++ b/salt/common/tools/sbin/so-common
@@ -160,6 +160,14 @@ fail() {
 	exit 1
 }

+fqdn_lowercase() {
+	local fqdn=$1
+
+	echo "$fqdn" | grep -qP '(?=^.{4,253}$)(^((?!-)[a-z0-9-]{0,62}[a-z0-9]\.)+[a-z]{2,63}$)' \
+		&& return 0 \
+		|| return 1
+}
+
 get_random_value() {
 	length=${1:-20}
 	head -c 5000 /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w $length | head -n 1
@@ -186,6 +194,12 @@ header() {
 	printf '%s\n' "" "$banner" " $*" "$banner" 
 }

+hostname_lowercase() {
+	local hostname=$1
+
+	[[ $hostname =~ ^[a-z0-9\-]+$ ]] && return 0 || return 1
+}
+
 init_monitor() {
 	MONITORNIC=$1
 	
--- a/setup/so-functions
+++ b/setup/so-functions
@@ -423,14 +423,28 @@ collect_homenet_snsr() {
 }

 collect_hostname() {
+	collect_hostname_validate
+
+	while ! hostname_lowercase "$HOSTNAME"; do
+		if ! (whiptail_uppercase_warning); then
+			collect_hostname_validate
+		else
+			no_use_hostname=true
+			break
+		fi
+	done
+}
+
+collect_hostname_validate() {
 	if [[ $automated == no ]] && [[ "$HOSTNAME" == *'localhost'* ]]; then HOSTNAME=securityonion; fi

 	whiptail_set_hostname "$HOSTNAME"

-	if [[ $HOSTNAME == 'securityonion' ]]; then # Will only check HOSTNAME=securityonion once
+	if [[ -z $default_hostname_flag ]] && [[ $HOSTNAME == 'securityonion' ]]; then # Will only check HOSTNAME=securityonion once
 		if ! (whiptail_avoid_default_hostname); then
 			whiptail_set_hostname "$HOSTNAME"
 		fi
+		default_hostname_flag=true
 	fi

 	while ! valid_hostname "$HOSTNAME"; do
@@ -648,7 +662,23 @@ collect_proxy_details() {
 }

 collect_redirect_host() {
-	whiptail_set_redirect_host "$HOSTNAME"
+	collect_redirect_host_validate
+
+	while ! hostname_lowercase "$REDIRECTHOST" && ! fqdn_lowercase "$REDIRECTHOST"; do
+		local text
+		! valid_hostname "$REDIRECTHOST" && text="domain name" || text="hostname"
+		if ! (whiptail_uppercase_warning "$text"); then
+			collect_redirect_host_validate "$REDIRECTHOST"
+		else
+			break
+		fi
+	done
+}
+
+collect_redirect_host_validate() {
+	local prefill=${1:-$HOSTNAME}
+
+	whiptail_set_redirect_host "$prefill"

 	while ! valid_ip4 "$REDIRECTHOST" && ! valid_hostname "$REDIRECTHOST" && ! valid_fqdn "$REDIRECTHOST"; do
 		whiptail_invalid_input
--- a/setup/so-whiptail
+++ b/setup/so-whiptail
@@ -1661,11 +1661,16 @@ whiptail_set_redirect() {

 	[ -n "$TESTING" ] && return

+	local options=()
+	options+=( "IP" "Use IP address to access the web interface" ON )
+	[[ $no_use_hostname != true ]] && options+=( "HOSTNAME" "Use hostname to access the web interface" OFF )
+	options+=("OTHER" "Use a different name like a FQDN or Load Balancer" OFF)
+
 	REDIRECTINFO=$(whiptail --title "$whiptail_title" --radiolist \
 		"How would you like to access the web interface?\n\nSecurity Onion uses strict cookie enforcement, so whatever you choose here will be the only way that you can access the web interface.\n\nIf you choose something other than IP address, then you'll need to ensure that you can resolve the name via DNS or hosts entry. If you are unsure, please select IP." 20 75 4 \
-	"IP" "Use IP address to access the web interface" ON  \
-	"HOSTNAME" "Use hostname to access the web interface" OFF \
-	"OTHER" "Use a different name like a FQDN or Load Balancer" OFF 3>&1 1>&2 2>&3 )
+		"${options[@]}" \
+		3>&1 1>&2 2>&3 
+	)
 	local exitstatus=$?
 	whiptail_check_exitstatus $exitstatus
 }