Re: [PATCH] network: validate network NAT range

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, Aug 10, 2015 at 02:02:50PM +0200, Ján Tomko wrote:
On Sat, Aug 08, 2015 at 06:04:00PM -0400, Laine Stump wrote:
This patch modifies virSocketAddrGetRange() to function properly when
the containing network/prefix of the address range isn't known, for
example in the case of the NAT range of a virtual network (since it is
a range of addresses on the *host*, not within the network itself). We
then take advantage of this new functionality to validate the NAT
range of a virtual network.

Extra test cases are also added to verify that virSocketAddrGetRange()
works properly in both positive and negative cases when the network
pointer is NULL.

This is the *real* fix for:

https://bugzilla.redhat.com/show_bug.cgi?id=985653

Commits 1e334a and 48e8b9 had earlier been pushed as fixes for that
bug, but I had neglected to read the report carefully, so instead of
fixing validation for the NAT range, I had fixed validation for the
DHCP range. sigh.
---

The changes to virSocketAddrGetRange() *look* like they are extensive,
but really they almost completely consist of:

1) reordering and reindenting some of the checks so that they are only
   executed when we have a valid network address

2) modifying the error messages that could occur when there isn't a
   valid network so that they don't attempt to use the network address
   or prefix.

 src/conf/network_conf.c  |   4 ++
 src/util/virsocketaddr.c | 168 +++++++++++++++++++++++++----------------------
 tests/sockettest.c       |  46 ++++++++++++-
 3 files changed, 136 insertions(+), 82 deletions(-)


Me and Michal are looking at it, but after this patch I miss the
default network after the daemon is restarted.  Reverting fixes it, I
know nothing more right now.  Will update you later on.

Martin

Attachment: signature.asc
Description: PGP signature

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list

[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]