[libvirt] [PATCH] network: validate network NAT range
Martin Kletzander
mkletzan at redhat.com
Tue Aug 11 12:12:52 UTC 2015
On Mon, Aug 10, 2015 at 02:02:50PM +0200, Ján Tomko wrote:
>On Sat, Aug 08, 2015 at 06:04:00PM -0400, Laine Stump wrote:
>> This patch modifies virSocketAddrGetRange() to function properly when
>> the containing network/prefix of the address range isn't known, for
>> example in the case of the NAT range of a virtual network (since it is
>> a range of addresses on the *host*, not within the network itself). We
>> then take advantage of this new functionality to validate the NAT
>> range of a virtual network.
>>
>> Extra test cases are also added to verify that virSocketAddrGetRange()
>> works properly in both positive and negative cases when the network
>> pointer is NULL.
>>
>> This is the *real* fix for:
>>
>> https://bugzilla.redhat.com/show_bug.cgi?id=985653
>>
>> Commits 1e334a and 48e8b9 had earlier been pushed as fixes for that
>> bug, but I had neglected to read the report carefully, so instead of
>> fixing validation for the NAT range, I had fixed validation for the
>> DHCP range. sigh.
>> ---
>>
>> The changes to virSocketAddrGetRange() *look* like they are extensive,
>> but really they almost completely consist of:
>>
>> 1) reordering and reindenting some of the checks so that they are only
>> executed when we have a valid network address
>>
>> 2) modifying the error messages that could occur when there isn't a
>> valid network so that they don't attempt to use the network address
>> or prefix.
>>
>> src/conf/network_conf.c | 4 ++
>> src/util/virsocketaddr.c | 168 +++++++++++++++++++++++++----------------------
>> tests/sockettest.c | 46 ++++++++++++-
>> 3 files changed, 136 insertions(+), 82 deletions(-)
>>
Me and Michal are looking at it, but after this patch I miss the
default network after the daemon is restarted. Reverting fixes it, I
know nothing more right now. Will update you later on.
Martin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20150811/52d5569d/attachment-0001.sig>
More information about the libvir-list
mailing list