git.ipfire.org Git - thirdparty/libvirt.git/commit

author	Laine Stump <laine@laine.org>
	Fri, 22 May 2015 21:32:02 +0000 (17:32 -0400)
committer	Laine Stump <laine@laine.org>
	Tue, 2 Jun 2015 16:40:07 +0000 (12:40 -0400)
commit	1e334a0a000b70c8f0ab57d9fcaaa8cfc480759a
tree	47f9a95a1f645a7e2bd6eba06f21580a098b7ebd	tree
parent	48e8b95d8ec3871d883e2f48f637b2f663e7b8fc	commit \| diff

network: validate DHCP ranges are completely within defined network

virSocketAddrGetRange() has been updated to take the network address
and prefix, and now checks that both the start and end of the range
are within that network, thus validating that the entire range of
addresses is in the network. For IPv4, it also checks that ranges to
not start with the "network address" of the subnet, nor end with the
broadcast address of the subnet (this check doesn't apply to IPv6,
since IPv6 doesn't have a broadcast or network address)

Negative tests have been added to the network update and socket tests
to verify that bad ranges properly generate an error.

This resolves: https://bugzilla.redhat.com/show_bug.cgi?id=985653

src/conf/network_conf.c		diff \| blob \| blame \| history
src/network/bridge_driver.c		diff \| blob \| blame \| history
src/util/virsocketaddr.c		diff \| blob \| blame \| history
src/util/virsocketaddr.h		diff \| blob \| blame \| history
tests/networkxml2xmlupdatein/dhcp-range-10.xml	[new file with mode: 0644]	blob
tests/networkxml2xmlupdatein/dhcp-range.xml		diff \| blob \| blame \| history
tests/networkxml2xmlupdateout/dhcp6host-routed-network-another-range.xml		diff \| blob \| blame \| history
tests/networkxml2xmlupdateout/dhcp6host-routed-network-range.xml		diff \| blob \| blame \| history
tests/networkxml2xmlupdatetest.c		diff \| blob \| blame \| history
tests/sockettest.c		diff \| blob \| blame \| history