summaryrefslogtreecommitdiffstats
path: root/libglusterfs
diff options
context:
space:
mode:
authorKaushal M <kaushal@gluster.com>2011-08-23 12:23:53 +0530
committerVijay Bellur <vijay@gluster.com>2012-02-05 22:19:54 -0800
commitb708b18b833d1f2ba4da394884bc762a821ff56b (patch)
tree03ad6be7de107e6a5477a1d912a997781b06d57d /libglusterfs
parent1d77fe2458be6dc567435dc59bb94870cd0fe529 (diff)
cli, protocol/server : improve validation for the option auth.(allow/reject)
cli now checks validity of address list given for 'volume set auth.*' Server xlator checks addresses supplied to auth.(allow/reject) option including wildcards for correctness in case volfile is manually edited. Original patch done by shylesh@gluster.com Original patch is at http://patches.gluster.com/patch/7566/ Change-Id: Icf52d6eeef64d6632b15aa90a379fadacdf74fef BUG: 764197 Signed-off-by: Kaushal M <kaushal@redhat.com> Reviewed-on: http://review.gluster.com/306 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Jeff Darcy <jdarcy@redhat.com> Reviewed-by: Vijay Bellur <vijay@gluster.com>
Diffstat (limited to 'libglusterfs')
-rw-r--r--libglusterfs/src/common-utils.c149
-rw-r--r--libglusterfs/src/common-utils.h3
2 files changed, 127 insertions, 25 deletions
diff --git a/libglusterfs/src/common-utils.c b/libglusterfs/src/common-utils.c
index 42bfd03..068bd84 100644
--- a/libglusterfs/src/common-utils.c
+++ b/libglusterfs/src/common-utils.c
@@ -1529,30 +1529,36 @@ get_nth_word (const char *str, int n)
}
/* RFC 1123 & 952 */
+
+/* The functions below validate given internet addresses and
+ * wildcard internet address for correctness.
+ * All return 1 on success and 0 on failure
+ */
+
char
valid_host_name (char *address, int length)
{
- int i = 0;
- char ret = 1;
+ int i = 0;
+ char ret = 0;
+ int flag = 0;
- if ((length > 75) || (length == 1)) {
- ret = 0;
+ if ((length > 255) || (length == 1))
goto out;
- }
- if (!isalnum (address[length - 1])) {
- ret = 0;
+ if (!isalnum (address[length - 1]))
goto out;
- }
for (i = 0; i < length; i++) {
if (!isalnum (address[i]) && (address[i] != '.')
- && (address[i] != '-')) {
- ret = 0;
+ && (address[i] != '-'))
goto out;
- }
+
+ if (isalpha(address[i]))
+ flag = 1;
}
+ if (flag)
+ ret = 1;
out:
return ret;
}
@@ -1563,7 +1569,7 @@ valid_ipv4_address (char *address, int length)
int octets = 0;
int value = 0;
char *tmp = NULL, *ptr = NULL, *prev = NULL, *endptr = NULL;
- char ret = 1;
+ char ret = 0;
tmp = gf_strdup (address);
prev = tmp;
@@ -1572,16 +1578,14 @@ valid_ipv4_address (char *address, int length)
while (prev != NULL) {
octets++;
value = strtol (prev, &endptr, 10);
- if ((value > 255) || (value < 0) || (endptr != NULL)) {
- ret = 0;
+ if ((value > 255) || (value < 0) ||
+ (endptr != NULL && *endptr != '\0'))
goto out;
- }
prev = strtok_r (NULL, ".", &ptr);
}
- if (octets != 4) {
- ret = 0;
- }
+ if (octets == 4)
+ ret = 1;
out:
GF_FREE (tmp);
@@ -1594,7 +1598,7 @@ valid_ipv6_address (char *address, int length)
int hex_numbers = 0;
int value = 0;
char *tmp = NULL, *ptr = NULL, *prev = NULL, *endptr = NULL;
- char ret = 1;
+ char ret = 0;
tmp = gf_strdup (address);
prev = strtok_r (tmp, ":", &ptr);
@@ -1603,16 +1607,13 @@ valid_ipv6_address (char *address, int length)
hex_numbers++;
value = strtol (prev, &endptr, 16);
if ((value > 0xffff) || (value < 0)
- || (endptr != NULL && *endptr != '\0')) {
- ret = 0;
+ || (endptr != NULL && *endptr != '\0'))
goto out;
- }
prev = strtok_r (NULL, ":", &ptr);
}
- if (hex_numbers > 8) {
- ret = 0;
- }
+ if (hex_numbers <= 8)
+ ret = 1;
out:
GF_FREE (tmp);
@@ -1643,6 +1644,104 @@ out:
return ret;
}
+char
+valid_ipv4_wildcard_check (char *address)
+{
+ char ret = 0;
+ int octets = 0;
+ char *tmp = NULL;
+ char *prev = NULL;
+ char *endptr = NULL;
+ int value = 0;
+ int is_wildcard = 0;
+
+ tmp = gf_strdup (address);
+ prev = strtok (tmp, ".");
+
+ while (prev != NULL) {
+ octets++;
+
+ if (!strcmp (prev, "*")) {
+ is_wildcard = 1;
+ } else {
+ value = strtol (prev, &endptr, 10);
+
+ if ((value > 255) || (value < 0) ||
+ (endptr != NULL && *endptr != '\0'))
+ goto out;
+ }
+ prev = strtok (NULL, ".");
+ }
+
+ if (is_wildcard && (octets <= 4))
+ ret = 1;
+
+out:
+ if (tmp)
+ GF_FREE (tmp);
+ return ret;
+
+}
+
+char
+valid_ipv6_wildcard_check (char *address)
+{
+ char ret = 0;
+ int hex_numbers = 0;
+ int value = 0;
+ char *tmp = NULL;
+ char *prev = NULL;
+ char *endptr = NULL;
+ int is_wildcard = 0;
+
+ tmp = gf_strdup (address);
+ prev = strtok (tmp, ":");
+
+ while (prev != NULL) {
+ hex_numbers++;
+
+ if (!strcmp (prev, "*")) {
+ is_wildcard = 1;
+ } else {
+ value = strtol (prev, &endptr, 16);
+
+ if ((value > 0xffff) || (value < 0) ||
+ (endptr != NULL && *endptr != '\0'))
+ goto out;
+ }
+ prev = strtok (NULL, ":");
+ }
+
+ if (is_wildcard && (hex_numbers <= 8))
+ ret = 1;
+out:
+ if (tmp)
+ GF_FREE (tmp);
+ return ret;
+}
+
+char
+valid_wildcard_internet_address (char *address)
+{
+ char ret = 0;
+
+ if (address == NULL) {
+ gf_log_callingfn (THIS->name, GF_LOG_WARNING,
+ "argument invalid");
+ goto out;
+ }
+
+ if (strlen (address) == 0)
+ goto out;
+
+ if (valid_ipv4_wildcard_check (address) ||
+ valid_ipv6_wildcard_check (address))
+ ret = 1;
+
+out:
+ return ret;
+}
+
/*Thread safe conversion function*/
char *
uuid_utoa (uuid_t uuid)
diff --git a/libglusterfs/src/common-utils.h b/libglusterfs/src/common-utils.h
index 4647c4a..63566fb 100644
--- a/libglusterfs/src/common-utils.h
+++ b/libglusterfs/src/common-utils.h
@@ -445,6 +445,9 @@ char valid_host_name (char *address, int length);
char valid_ipv4_address (char *address, int length);
char valid_ipv6_address (char *address, int length);
char valid_internet_address (char *address);
+char valid_ipv4_wildcard_check (char *address);
+char valid_ipv6_wildcard_check (char *address);
+char valid_wildcard_internet_address (char *address);
char *uuid_utoa (uuid_t uuid);
char *uuid_utoa_r (uuid_t uuid, char *dst);