* [network] [PATCH 1/4] ipv4: new function ipv4_net_is_valid
@ 2017-06-03 11:25 Jonatan Schlag
2017-06-03 11:25 ` [network] [PATCH 2/4] ip: restructure ip_net_is_valid Jonatan Schlag
` (2 more replies)
0 siblings, 3 replies; 5+ messages in thread
From: Jonatan Schlag @ 2017-06-03 11:25 UTC (permalink / raw)
To: network
[-- Attachment #1: Type: text/plain, Size: 711 bytes --]
This function checks if a given network is valid IPv4 network
Signed-off-by: Jonatan Schlag <jonatan.schlag(a)ipfire.org>
---
src/functions/functions.ipv4 | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/src/functions/functions.ipv4 b/src/functions/functions.ipv4
index f63c2b7..e893f5e 100644
--- a/src/functions/functions.ipv4
+++ b/src/functions/functions.ipv4
@@ -51,6 +51,15 @@ ipv4_prefix_is_valid() {
return ${EXIT_TRUE}
}
+ipv4_net_is_valid() {
+ local net="${1}"
+
+ local prefix="$(ip_get_prefix "${net}")"
+ local addr="$(ip_split_prefix "${net}")"
+
+ ipv4_prefix_is_valid "${prefix}" && ipv4_is_valid "${addr}"
+}
+
ipv4_netmask_is_valid() {
local netmask="${1}"
--
2.6.3
^ permalink raw reply [flat|nested] 5+ messages in thread
* [network] [PATCH 2/4] ip: restructure ip_net_is_valid
2017-06-03 11:25 [network] [PATCH 1/4] ipv4: new function ipv4_net_is_valid Jonatan Schlag
@ 2017-06-03 11:25 ` Jonatan Schlag
2017-06-03 11:25 ` [network] [PATCH 3/4] util: add function mtu_is_valid Jonatan Schlag
2017-06-03 11:25 ` [network] [PATCH 4/4] pppoe-server: improve input validation Jonatan Schlag
2 siblings, 0 replies; 5+ messages in thread
From: Jonatan Schlag @ 2017-06-03 11:25 UTC (permalink / raw)
To: network
[-- Attachment #1: Type: text/plain, Size: 1236 bytes --]
Insted of checking the network manually we now just calö ipv4_net_is_valid or
ipv6_net_is_valid
Signed-off-by: Jonatan Schlag <jonatan.schlag(a)ipfire.org>
---
src/functions/functions.ip | 23 +++++++----------------
1 file changed, 7 insertions(+), 16 deletions(-)
diff --git a/src/functions/functions.ip b/src/functions/functions.ip
index 97750e3..0a07fd0 100644
--- a/src/functions/functions.ip
+++ b/src/functions/functions.ip
@@ -83,23 +83,14 @@ ip_is_network() {
local network=${1}
assert isset network
- # Get the address part.
- local address=$(ip_split_prefix ${network})
- isset address || return ${EXIT_FALSE}
-
- # Get the prefix.
- local prefix=$(ip_get_prefix ${network})
- isset prefix || return ${EXIT_FALSE}
-
- # Detect the protocol (if this fails, the
- # address part is invalid)
- local proto=$(ip_detect_protocol ${address})
- isset proto || return ${EXIT_FALSE}
-
- # Check if the prefix is correct.
- ip_prefix_is_valid ${proto} ${prefix} || return ${EXIT_FALSE}
+ local protocol
+ for protocol in ${IP_SUPPORTED_PROTOCOLS}; do
+ if ${protocol}_net_is_valid "${network}"; then
+ return ${EXIT_TRUE}
+ fi
+ done
- return ${EXIT_TRUE}
+ return ${EXIT_FALSE}
}
ip_prefix_is_valid() {
--
2.6.3
^ permalink raw reply [flat|nested] 5+ messages in thread
* [network] [PATCH 3/4] util: add function mtu_is_valid
2017-06-03 11:25 [network] [PATCH 1/4] ipv4: new function ipv4_net_is_valid Jonatan Schlag
2017-06-03 11:25 ` [network] [PATCH 2/4] ip: restructure ip_net_is_valid Jonatan Schlag
@ 2017-06-03 11:25 ` Jonatan Schlag
2017-06-03 13:04 ` Michael Tremer
2017-06-03 11:25 ` [network] [PATCH 4/4] pppoe-server: improve input validation Jonatan Schlag
2 siblings, 1 reply; 5+ messages in thread
From: Jonatan Schlag @ 2017-06-03 11:25 UTC (permalink / raw)
To: network
[-- Attachment #1: Type: text/plain, Size: 781 bytes --]
This function checks if an mtu is valid for a given IP protocol.
Signed-off-by: Jonatan Schlag <jonatan.schlag(a)ipfire.org>
---
src/functions/functions.util | 19 +++++++++++++++++++
1 file changed, 19 insertions(+)
diff --git a/src/functions/functions.util b/src/functions/functions.util
index 4b6f956..98ad9d4 100644
--- a/src/functions/functions.util
+++ b/src/functions/functions.util
@@ -321,6 +321,25 @@ isipaddress() {
ip_is_valid ${addr}
}
+mtu_is_valid() {
+
+local proto=${1}
+local mtu=${2}
+
+case ${proto} in
+ ipv4)
+ [ ${mtu} -ge 576 ] && [ ${mtu} -le 9000 ]
+ ;;
+ ipv6)
+ [ ${mtu} -ge 1280 ] && [ ${mtu} -le 9000 ]
+ ;;
+ *)
+ error "${proto} is not a valid proto"
+ return ${EXIT_ERROR}
+ ;;
+esac
+}
+
backtrace() {
local start=1
--
2.6.3
^ permalink raw reply [flat|nested] 5+ messages in thread
* [network] [PATCH 4/4] pppoe-server: improve input validation
2017-06-03 11:25 [network] [PATCH 1/4] ipv4: new function ipv4_net_is_valid Jonatan Schlag
2017-06-03 11:25 ` [network] [PATCH 2/4] ip: restructure ip_net_is_valid Jonatan Schlag
2017-06-03 11:25 ` [network] [PATCH 3/4] util: add function mtu_is_valid Jonatan Schlag
@ 2017-06-03 11:25 ` Jonatan Schlag
2 siblings, 0 replies; 5+ messages in thread
From: Jonatan Schlag @ 2017-06-03 11:25 UTC (permalink / raw)
To: network
[-- Attachment #1: Type: text/plain, Size: 1318 bytes --]
We now check if the subnet, the mtu and the max-sessions valud is valid.
Signed-off-by: Jonatan Schlag <jonatan.schlag(a)ipfire.org>
---
src/hooks/configs/pppoe-server | 15 +++++++++++++++
1 file changed, 15 insertions(+)
diff --git a/src/hooks/configs/pppoe-server b/src/hooks/configs/pppoe-server
index 1ef3ba9..6f95212 100644
--- a/src/hooks/configs/pppoe-server
+++ b/src/hooks/configs/pppoe-server
@@ -69,15 +69,30 @@ hook_new() {
;;
--max-sessions=*)
MAX_SESSIONS=$(cli_get_val ${1})
+ if ! isinteger ${MAX_SESSIONS} || ! [ ${MAX_SESSIONS} -ge 0 ]; then
+ error "Invalid value for '--max-session'. This value must be an integer greate or eqal zero."
+ exit ${EXIT_ERROR}
+ fi
;;
--mtu=*)
MTU=$(cli_get_val ${1})
+ if ! mtu_is_valid "ipv4" ${MTU}; then
+ error "Invalid value for '--mtu'. Cannot be larger then 9000 or smaller than 576"
+ exit ${EXIT_ERROR}
+ fi
;;
--service-name=*)
SERVICE_NAME=$(cli_get_val ${1})
;;
--subnet=*)
SUBNET=$(cli_get_val ${1})
+ if ! ipv4_net_is_valid "${SUBNET}"; then
+ error "Invalid IPv4 Subnet ${SUBNET}."
+ exit ${EXIT_ERROR}
+ fi
+ ;;
+ *)
+ warning "Ignoring unknown option '${1}'"
;;
esac
shift
--
2.6.3
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH 3/4] util: add function mtu_is_valid
2017-06-03 11:25 ` [network] [PATCH 3/4] util: add function mtu_is_valid Jonatan Schlag
@ 2017-06-03 13:04 ` Michael Tremer
0 siblings, 0 replies; 5+ messages in thread
From: Michael Tremer @ 2017-06-03 13:04 UTC (permalink / raw)
To: network
[-- Attachment #1: Type: text/plain, Size: 1118 bytes --]
Hello,
could you please resend this patch with indentation fixed?
All other functions are indented by one tab where this one is not.
On Sat, 2017-06-03 at 13:25 +0200, Jonatan Schlag wrote:
> This function checks if an mtu is valid for a given IP protocol.
>
> Signed-off-by: Jonatan Schlag <jonatan.schlag(a)ipfire.org>
> ---
> src/functions/functions.util | 19 +++++++++++++++++++
> 1 file changed, 19 insertions(+)
>
> diff --git a/src/functions/functions.util b/src/functions/functions.util
> index 4b6f956..98ad9d4 100644
> --- a/src/functions/functions.util
> +++ b/src/functions/functions.util
> @@ -321,6 +321,25 @@ isipaddress() {
> ip_is_valid ${addr}
> }
>
> +mtu_is_valid() {
> +
> +local proto=${1}
> +local mtu=${2}
The empty line after the function name is unnecessary.
> +
> +case ${proto} in
> + ipv4)
> + [ ${mtu} -ge 576 ] && [ ${mtu} -le 9000 ]
> + ;;
> + ipv6)
> + [ ${mtu} -ge 1280 ] && [ ${mtu} -le 9000 ]
> + ;;
> + *)
> + error "${proto} is not a valid proto"
> + return ${EXIT_ERROR}
> + ;;
> +esac
> +}
> +
> backtrace() {
> local start=1
>
Best,
-Michael
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 819 bytes --]
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2017-06-03 13:04 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-06-03 11:25 [network] [PATCH 1/4] ipv4: new function ipv4_net_is_valid Jonatan Schlag
2017-06-03 11:25 ` [network] [PATCH 2/4] ip: restructure ip_net_is_valid Jonatan Schlag
2017-06-03 11:25 ` [network] [PATCH 3/4] util: add function mtu_is_valid Jonatan Schlag
2017-06-03 13:04 ` Michael Tremer
2017-06-03 11:25 ` [network] [PATCH 4/4] pppoe-server: improve input validation Jonatan Schlag
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox