Added ipv4 validation, forbid network and broadcast addresses

Signed-off-by: Damien PIQUET <piqudam@gmail.com>
This commit is contained in:
Damien PIQUET 2013-02-26 17:55:30 +01:00 committed by Dietmar Maurer
parent f35712ea21
commit e16a27be12

View File

@ -12,6 +12,7 @@ use PVE::RPCEnvironment;
use PVE::JSONSchema qw(get_standard_option);
use PVE::AccessControl;
use IO::File;
use Net::IP qw(:PROC);
use base qw(PVE::RESTHandler);
@ -159,6 +160,17 @@ my $check_duplicate_gateway = sub {
}
};
my $check_ipv4_settings = sub {
my $param = $_[0];
my $binip = Net::IP::ip_iptobin($param->{address}, 4);
my $binmask = Net::IP::ip_iptobin($param->{netmask}, 4);
my $broadcast = Net::IP::ip_to_bin('255.255.255.255', 4);
my $binhost = $binip | $binmask;
raise_param_exc({ address => "$param->{address} is not a valid host ip address." })
if ($binhost eq $binmask) || ($binhost eq $broadcast);
};
__PACKAGE__->register_method({
name => 'create_network',
@ -192,6 +204,8 @@ __PACKAGE__->register_method({
&$check_duplicate_gateway($config, $iface)
if $param->{gateway};
&$check_ipv4_settings($param);
$param->{method} = $param->{address} ? 'static' : 'manual';
$config->{$iface} = $param;
@ -247,6 +261,8 @@ __PACKAGE__->register_method({
&$check_duplicate_gateway($config, $iface)
if $param->{gateway};
&$check_ipv4_settings($param);
$param->{method} = $param->{address} ? 'static' : 'manual';
foreach my $k (keys %$param) {