server: validate ip address value on update config (#7415)

Fixes #6958 Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>
2025-10-26 08:42:29 +01:00 · 2023-04-28 16:11:33 +05:30 · 2023-04-28 16:11:33 +05:30 · b84744d9a5
commit b84744d9a5
parent 8bbe2f7cb2
2 changed files with 91 additions and 2 deletions
--- a/server/src/main/java/com/cloud/configuration/ConfigurationManagerImpl.java
+++ b/server/src/main/java/com/cloud/configuration/ConfigurationManagerImpl.java
@ -602,6 +602,32 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
        });
    }

+    protected void validateIpAddressRelatedConfigValues(final String configName, final String value) {
+        if (!configName.endsWith(".ip") && !configName.endsWith(".ipaddress") && !configName.endsWith(".iprange")) {
+            return;
+        }
+        if (StringUtils.isEmpty(value)) {
+            return;
+        }
+        final ConfigKey<?> configKey = _configDepot.get(configName);
+        if (configKey == null || !String.class.equals(configKey.type())) {
+            return;
+        }
+        boolean err = (configName.endsWith(".ip") || configName.endsWith(".ipaddress")) && !NetUtils.isValidIp4(value);
+        if (configName.endsWith(".iprange")) {
+            err = true;
+            if (value.contains("-")) {
+                String[] ips = value.split("-");
+                if (ips.length == 2 && NetUtils.isValidIp4(ips[0]) && NetUtils.isValidIp4(ips[1])) {
+                    err = false;
+                }
+            }
+        }
+        if (err) {
+            throw new InvalidParameterValueException("Invalid IP address value(s) specified for the config value");
+        }
+    }
+
    @Override
    public boolean start() {

@ -874,6 +900,8 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
            catergory = config.getCategory();
        }

+        validateIpAddressRelatedConfigValues(name, value);
+
        if (value == null) {
            return _configDao.findByName(name);
        }
--- a/server/src/test/java/com/cloud/configuration/ConfigurationManagerImplTest.java
+++ b/server/src/test/java/com/cloud/configuration/ConfigurationManagerImplTest.java
@ -16,22 +16,37 @@
 // under the License.
 package com.cloud.configuration;

-import com.cloud.utils.net.NetUtils;
+import java.util.List;
+
+import org.apache.cloudstack.framework.config.ConfigDepot;
+import org.apache.cloudstack.framework.config.ConfigKey;
 import org.junit.Assert;
+import org.junit.Before;
 import org.junit.Test;
 import org.junit.runner.RunWith;
+import org.mockito.Mock;
 import org.mockito.Mockito;
 import org.powermock.api.mockito.PowerMockito;
 import org.powermock.core.classloader.annotations.PrepareForTest;
 import org.powermock.modules.junit4.PowerMockRunner;

-import java.util.List;
+import com.cloud.exception.InvalidParameterValueException;
+import com.cloud.storage.StorageManager;
+import com.cloud.utils.net.NetUtils;


@RunWith(PowerMockRunner.class)
@PrepareForTest(NetUtils.class)
 public class ConfigurationManagerImplTest {
+    @Mock
+    ConfigDepot configDepot;
    ConfigurationManagerImpl configurationManagerImplSpy = Mockito.spy(new ConfigurationManagerImpl());
+
+    @Before
+    public void setUp() throws Exception {
+        configurationManagerImplSpy._configDepot = configDepot;
+    }
+
    @Test
    public void validateIfIntValueIsInRangeTestValidValueReturnNull() {
        String testVariable = configurationManagerImplSpy.validateIfIntValueIsInRange("String name", "3", "1-5");
@ -191,4 +206,50 @@ public class ConfigurationManagerImplTest {
        String testVariable = configurationManagerImplSpy.validateRangeOther("NameTest1", "ThisShouldNotWork", "ThisShouldWork,ThisShouldAlsoWork,SoShouldThis");
        Assert.assertNotNull(testVariable);
    }
+
+    @Test
+    public void testValidateIpAddressRelatedConfigValuesUnrelated() {
+        configurationManagerImplSpy.validateIpAddressRelatedConfigValues(StorageManager.PreferredStoragePool.key(), "something");
+        configurationManagerImplSpy.validateIpAddressRelatedConfigValues("config.ip", "");
+        Mockito.when(configurationManagerImplSpy._configDepot.get("config.ip")).thenReturn(null);
+        configurationManagerImplSpy.validateIpAddressRelatedConfigValues("config.ip", "something");
+        ConfigKey<?> key = StorageManager.MountDisabledStoragePool;
+        Mockito.doReturn(key).when(configurationManagerImplSpy._configDepot).get(StorageManager.MountDisabledStoragePool.key());
+        configurationManagerImplSpy.validateIpAddressRelatedConfigValues(StorageManager.MountDisabledStoragePool.key(), "false");
+    }
+
+    @Test(expected = InvalidParameterValueException.class)
+    public void testValidateIpAddressRelatedConfigValuesInvalidIp() {
+        ConfigKey<String> key = StorageManager.PreferredStoragePool; // Any ConfigKey of String type
+        Mockito.doReturn(key).when(configurationManagerImplSpy._configDepot).get("config.ip");
+        configurationManagerImplSpy.validateIpAddressRelatedConfigValues("config.ip", "abcdefg");
+    }
+
+    @Test
+    public void testValidateIpAddressRelatedConfigValuesValidIp() {
+        ConfigKey<String> key = StorageManager.PreferredStoragePool; // Any ConfigKey of String type
+        Mockito.doReturn(key).when(configurationManagerImplSpy._configDepot).get("config.ip");
+        configurationManagerImplSpy.validateIpAddressRelatedConfigValues("config.ip", "192.168.1.1");
+    }
+
+    @Test(expected = InvalidParameterValueException.class)
+    public void testValidateIpAddressRelatedConfigValuesInvalidIpRange() {
+        ConfigKey<String> key = StorageManager.PreferredStoragePool; // Any ConfigKey of String type. RemoteAccessVpnManagerImpl.RemoteAccessVpnClientIpRange not accessible here
+        Mockito.doReturn(key).when(configurationManagerImplSpy._configDepot).get("config.iprange");
+        configurationManagerImplSpy.validateIpAddressRelatedConfigValues("config.iprange", "xyz-192.168.1.20");
+    }
+
+    @Test(expected = InvalidParameterValueException.class)
+    public void testValidateIpAddressRelatedConfigValuesInvalidIpRange1() {
+        ConfigKey<String> key = StorageManager.PreferredStoragePool; // Any ConfigKey of String type. RemoteAccessVpnManagerImpl.RemoteAccessVpnClientIpRange not accessible here
+        Mockito.doReturn(key).when(configurationManagerImplSpy._configDepot).get("config.iprange");
+        configurationManagerImplSpy.validateIpAddressRelatedConfigValues("config.iprange", "192.168.1.20");
+    }
+
+    @Test
+    public void testValidateIpAddressRelatedConfigValuesValidIpRange() {
+        ConfigKey<String> key = StorageManager.PreferredStoragePool; // Any ConfigKey of String type. RemoteAccessVpnManagerImpl.RemoteAccessVpnClientIpRange not accessible here
+        Mockito.doReturn(key).when(configurationManagerImplSpy._configDepot).get("config.iprange");
+        configurationManagerImplSpy.validateIpAddressRelatedConfigValues("config.iprange", "192.168.1.1-192.168.1.100");
+    }
 }