apache/cloudstack
1
0
Fork 0
mirror of https://github.com/apache/cloudstack.git synced 2025-10-26 08:42:29 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge release branch 4.9 to master

Browse Source 
* 4.9:
  cleanup trailing space for checkstyle
  Expanded tests of RFC1918 and RFC6598 validation code.
  Allow CGN (RFC6598) to be used within a VPC
This commit is contained in:
Rajani Karuturi 2017-05-08 10:18:12 +05:30
commit 3f7fca02d4
3 changed files with 22 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
engine/orchestration/src/org/apache/cloudstack/engine/orchestration/NetworkOrchestrator.java
View File

@ -2213,7 +2213,7 @@ public class NetworkOrchestrator extends ManagerBase implements NetworkOrchestra
// Check if cidr is RFC1918 compliant if the network is Guest Isolated for IPv4
if (cidr != null && ntwkOff.getGuestType() == Network.GuestType.Isolated && ntwkOff.getTrafficType() == TrafficType.Guest) {
if (!NetUtils.validateGuestCidr(cidr)) {
throw new InvalidParameterValueException("Virtual Guest Cidr " + cidr + " is not RFC1918 compliant");
throw new InvalidParameterValueException("Virtual Guest Cidr " + cidr + " is not RFC 1918 or 6598 compliant");
}
}

21
utils/src/main/java/com/cloud/utils/net/NetUtils.java
View File

@ -1147,31 +1147,34 @@ public class NetUtils {
// 10.0.0.0 - 10.255.255.255 (10/8 prefix)
// 172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
// 192.168.0.0 - 192.168.255.255 (192.168/16 prefix)
final String cidr1 = "10.0.0.0/8";
final String cidr2 = "172.16.0.0/12";
final String cidr3 = "192.168.0.0/16";
// RFC 6598 - The IETF detailed shared address space for use in ISP CGN
// deployments and NAT devices that can handle the same addresses occurring both on inbound and outbound interfaces.
// ARIN returned space to the IANA as needed for this allocation.
// The allocated address block is 100.64.0.0/10
final String[] allowedNetBlocks = {"10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "100.64.0.0/10"};
if (!isValidCIDR(cidr)) {
s_logger.warn("Cidr " + cidr + " is not valid");
return false;
}
if (isNetworkAWithinNetworkB(cidr, cidr1) || isNetworkAWithinNetworkB(cidr, cidr2) || isNetworkAWithinNetworkB(cidr, cidr3)) {
for (String block: allowedNetBlocks) {
if (isNetworkAWithinNetworkB(cidr, block)) {
return true;
} else {
s_logger.warn("cidr " + cidr + " is not RFC 1918 compliant");
return false;
}
}
// not in allowedNetBlocks - return false
s_logger.warn("cidr " + cidr + " is not RFC 1918 or 6598 compliant");
return false;
}
public static boolean verifyInstanceName(final String instanceName) {
//instance name for cloudstack vms shouldn't contain - and spaces
if (instanceName.contains("-") || instanceName.contains(" ") || instanceName.contains("+")) {
s_logger.warn("Instance name can not contain hyphen, spaces and \"+\" char");
return false;
}
return true;
}

10
utils/src/test/java/com/cloud/utils/net/NetUtilsTest.java
View File

@ -314,9 +314,15 @@ public class NetUtilsTest {
@Test
public void testValidateGuestCidr() throws Exception {
final String guestCidr = "192.168.1.0/24";
final String[] validCidrs = {"10.1.1.1/16", "172.16.1.0/16", "192.168.1.0/24", "100.64.1.0/24"};
final String[] invalidCidrs = {"172.33.1.0/16", "100.128.1.0/10"};
assertTrue(NetUtils.validateGuestCidr(guestCidr));
for (String cidr: validCidrs) {
assertTrue(NetUtils.validateGuestCidr(cidr));
}
for (String cidr: invalidCidrs) {
assertFalse(NetUtils.validateGuestCidr(cidr));
}
}
@Test