Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package perl-Net-Netmask for
openSUSE:Factory checked in at 2021-04-01 14:17:22
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/perl-Net-Netmask (Old)
and /work/SRC/openSUSE:Factory/.perl-Net-Netmask.new.2401 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "perl-Net-Netmask"
Thu Apr 1 14:17:22 2021 rev:29 rq:882146 version:2.0001
Changes:
--------
--- /work/SRC/openSUSE:Factory/perl-Net-Netmask/perl-Net-Netmask.changes
2018-08-31 09:52:52.233747849 +0200
+++
/work/SRC/openSUSE:Factory/.perl-Net-Netmask.new.2401/perl-Net-Netmask.changes
2021-04-01 14:18:39.592105863 +0200
@@ -1,0 +2,12 @@
+Tue Mar 30 09:41:52 UTC 2021 - Tina M??ller <[email protected]>
+
+- Remove manual license from cpanspec.yml, the correct one is now
+ specified upstream
+
+-------------------------------------------------------------------
+Tue Mar 30 03:08:10 UTC 2021 - Tina M??ller <[email protected]>
+
+- updated to 2.0001
+ see /usr/share/doc/packages/perl-Net-Netmask/Changes
+
+-------------------------------------------------------------------
Old:
----
Net-Netmask-1.9104.tar.gz
New:
----
Net-Netmask-2.0001.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ perl-Net-Netmask.spec ++++++
--- /var/tmp/diff_new_pack.WlAdh2/_old 2021-04-01 14:18:40.120106503 +0200
+++ /var/tmp/diff_new_pack.WlAdh2/_new 2021-04-01 14:18:40.124106507 +0200
@@ -1,7 +1,7 @@
#
# spec file for package perl-Net-Netmask
#
-# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2021 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -12,23 +12,20 @@
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
-# Please submit bugfixes or comments via http://bugs.opensuse.org/
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
+%define cpan_name Net-Netmask
Name: perl-Net-Netmask
-Version: 1.9104
+Version: 2.0001
Release: 0
-#Upstream: Artistic-1.0 or GPL-1.0+
-%define cpan_name Net-Netmask
-Summary: Parse, Manipulate and Lookup Ip Network Blocks
+Summary: Parse, manipulate and lookup IP network blocks
License: Artistic-1.0 OR GPL-1.0-or-later
-Group: Development/Libraries/Perl
-Url: http://search.cpan.org/dist/Net-Netmask/
+URL: https://metacpan.org/release/%{cpan_name}
Source0:
https://cpan.metacpan.org/authors/id/J/JM/JMASLAK/%{cpan_name}-%{version}.tar.gz
Source1: cpanspec.yml
BuildArch: noarch
-BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: perl
BuildRequires: perl-macros
BuildRequires: perl(Math::BigInt) >= 1.999811
@@ -61,15 +58,15 @@
IPv6 support was added in 1.9104.
%prep
-%setup -q -n %{cpan_name}-%{version}
-find . -type f ! -name \*.pl -print0 | xargs -0 chmod 644
+%autosetup -n %{cpan_name}-%{version}
+find . -type f ! -path "*/t/*" ! -name "*.pl" ! -path "*/bin/*" ! -path
"*/script/*" ! -name "configure" -print0 | xargs -0 chmod 644
%build
-%{__perl} Makefile.PL INSTALLDIRS=vendor
-%{__make} %{?_smp_mflags}
+perl Makefile.PL INSTALLDIRS=vendor
+%make_build
%check
-%{__make} test
+make test
%install
%perl_make_install
@@ -77,7 +74,6 @@
%perl_gen_filelist
%files -f %{name}.files
-%defattr(-,root,root,755)
%doc Changes CODE_OF_CONDUCT.md CONTRIBUTING errors.err README TODO
%license LICENSE
++++++ Net-Netmask-1.9104.tar.gz -> Net-Netmask-2.0001.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Net-Netmask-1.9104/Changes
new/Net-Netmask-2.0001/Changes
--- old/Net-Netmask-1.9104/Changes 2018-07-28 01:01:55.000000000 +0200
+++ new/Net-Netmask-2.0001/Changes 2021-03-29 21:30:41.000000000 +0200
@@ -1,6 +1,26 @@
-
Revision history for Perl module Net::Netmask
+2.0001 2021-03-29
+ - BUGFIX: Return a netmask length of 0 whenever parsing an invalid
+ digit.
+ - Add "safe_new()" method to make it more clear what new2() does. Note
+ that this executes the same code as new2().
+
+2.0000 2021-03-29
+
+ - SECURITY: IPv4 addresses with leading zeros are no longer allowed.
+ They will return a parse error like any invalid IP address.
+ - SECURITY: 10.0.0, 10.0, and 10 address portions now by default return
+ a parse error. This can be overriden by calling new() like:
+ Net::Netmask->new2('10/8', shortnet => 1); # or new()
+ or
+ Net::Netmask->new2('10', '8', shortnet => 1); # or new()
+
+ There is also a package-level variable that can change the default
+ when "shortnet" isn't used passed into the constructor. Usage:
+ local $Net::Netmask::SHORTNET_DEFAULT = 1;
+ Net::Netmask->new('10', '8'); # or new2()
+
1.9104 2018-06-27
- IPv6 support is now GA!
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Net-Netmask-1.9104/MANIFEST
new/Net-Netmask-2.0001/MANIFEST
--- old/Net-Netmask-1.9104/MANIFEST 2018-07-28 01:01:55.000000000 +0200
+++ new/Net-Netmask-2.0001/MANIFEST 2021-03-29 21:30:41.000000000 +0200
@@ -1,4 +1,4 @@
-# This file was automatically generated by Dist::Zilla::Plugin::Manifest
v6.010.
+# This file was automatically generated by Dist::Zilla::Plugin::Manifest
v6.015.
CODE_OF_CONDUCT.md
CONTRIBUTING
Changes
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Net-Netmask-1.9104/META.json
new/Net-Netmask-2.0001/META.json
--- old/Net-Netmask-1.9104/META.json 2018-07-28 01:01:55.000000000 +0200
+++ new/Net-Netmask-2.0001/META.json 2021-03-29 21:30:41.000000000 +0200
@@ -4,7 +4,7 @@
"Joelle Maslak <[email protected]>"
],
"dynamic_config" : 1,
- "generated_by" : "Dist::Zilla version 6.010, CPAN::Meta::Converter version
2.150010",
+ "generated_by" : "Dist::Zilla version 6.015, CPAN::Meta::Converter version
2.150010",
"license" : [
"perl_5"
],
@@ -61,7 +61,7 @@
"provides" : {
"Net::Netmask" : {
"file" : "lib/Net/Netmask.pm",
- "version" : "1.9104"
+ "version" : "2.0001"
}
},
"release_status" : "stable",
@@ -76,15 +76,17 @@
"web" : "https://github.com/jmaslak/Net-Netmask";
}
},
- "version" : "1.9104",
+ "version" : "2.0001",
"x_contributors" : [
"Joelle Maslak <[email protected]>",
"David Muir Sharnoff <[email protected]>",
"Adam Herzog <[email protected]>",
"Ben Kolera <[email protected]>",
- "David Steinbrunner <[email protected]>",
- "bay-max1 <[email protected]>"
+ "bay-max1 <[email protected]>",
+ "David Steinbrunner <[email protected]>"
],
- "x_serialization_backend" : "Cpanel::JSON::XS version 3.0239"
+ "x_generated_by_perl" : "v5.32.0",
+ "x_serialization_backend" : "Cpanel::JSON::XS version 4.19",
+ "x_spdx_expression" : "Artistic-1.0-Perl OR GPL-1.0-or-later"
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Net-Netmask-1.9104/META.yml
new/Net-Netmask-2.0001/META.yml
--- old/Net-Netmask-1.9104/META.yml 2018-07-28 01:01:55.000000000 +0200
+++ new/Net-Netmask-2.0001/META.yml 2021-03-29 21:30:41.000000000 +0200
@@ -10,7 +10,7 @@
configure_requires:
ExtUtils::MakeMaker: '0'
dynamic_config: 1
-generated_by: 'Dist::Zilla version 6.010, CPAN::Meta::Converter version
2.150010'
+generated_by: 'Dist::Zilla version 6.015, CPAN::Meta::Converter version
2.150010'
license: perl
meta-spec:
url: http://module-build.sourceforge.net/META-spec-v1.4.html
@@ -19,7 +19,7 @@
provides:
Net::Netmask:
file: lib/Net/Netmask.pm
- version: '1.9104'
+ version: '2.0001'
recommends:
AnyEvent: '7.14'
requires:
@@ -36,12 +36,14 @@
bugtracker: https://github.com/jmaslak/Net-Netmask/issues
homepage: http://search.cpan.org/~jmaslak/Net-Netmask/
repository: git://github.com/jmaslak/Net-Netmask.git
-version: '1.9104'
+version: '2.0001'
x_contributors:
- 'Joelle Maslak <[email protected]>'
- 'David Muir Sharnoff <[email protected]>'
- 'Adam Herzog <[email protected]>'
- 'Ben Kolera <[email protected]>'
- - 'David Steinbrunner <[email protected]>'
- 'bay-max1 <[email protected]>'
-x_serialization_backend: 'YAML::Tiny version 1.70'
+ - 'David Steinbrunner <[email protected]>'
+x_generated_by_perl: v5.32.0
+x_serialization_backend: 'YAML::Tiny version 1.73'
+x_spdx_expression: 'Artistic-1.0-Perl OR GPL-1.0-or-later'
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Net-Netmask-1.9104/Makefile.PL
new/Net-Netmask-2.0001/Makefile.PL
--- old/Net-Netmask-1.9104/Makefile.PL 2018-07-28 01:01:55.000000000 +0200
+++ new/Net-Netmask-2.0001/Makefile.PL 2021-03-29 21:30:41.000000000 +0200
@@ -1,4 +1,4 @@
-# This file was automatically generated by Dist::Zilla::Plugin::MakeMaker
v6.010.
+# This file was automatically generated by Dist::Zilla::Plugin::MakeMaker
v6.015.
use strict;
use warnings;
@@ -35,7 +35,7 @@
"Test::UseAllModules" => "0.17",
"utf8" => 0
},
- "VERSION" => "1.9104",
+ "VERSION" => "2.0001",
"test" => {
"TESTS" => "t/*.t"
}
@@ -68,8 +68,8 @@
unless eval { ExtUtils::MakeMaker->VERSION(6.52) };
if ( $^O eq 'MSWin32' ) {
- $WriteMakefileArgs{PREREQ_PM}{'Thread::Queue'} = '3.12';
- $WriteMakefileArgs{PREREQ_PM}{'threads'} = '0';
+ $WriteMakefileArgs{PREREQ_PM}{'Thread::Queue'} =
$FallbackPrereqs{'Thread::Queue'} = '3.12';
+ $WriteMakefileArgs{PREREQ_PM}{'threads'} = $FallbackPrereqs{'threads'}
= '0';
}
WriteMakefile(%WriteMakefileArgs);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Net-Netmask-1.9104/README
new/Net-Netmask-2.0001/README
--- old/Net-Netmask-1.9104/README 2018-07-28 01:01:55.000000000 +0200
+++ new/Net-Netmask-2.0001/README 2021-03-29 21:30:41.000000000 +0200
@@ -4,10 +4,12 @@
SYNOPSIS
use Net::Netmask;
- $block = Net::Netmask->new(network block)
- $block = Net::Netmask->new(network block, netmask)
+ $block = Net::Netmask->safe_new(network block)
+ $block = Net::Netmask->safe_new(network block, netmask)
$block = Net::Netmask->new2(network block)
$block = Net::Netmask->new2(network block, netmask)
+ $block = Net::Netmask->new(network block) # Don't use in new code!
+ $block = Net::Netmask->new(network block, netmask) # Don't use in new
code!
print $block; # a.b.c.d/bits or 1:2:3::4/bits
print $block->base()
@@ -89,14 +91,6 @@
'216.240.32.0 - 216.240.32.255'
'216.240.32.4' A /32 block.
- '216.240.32' Always a /24 block.
-
- '216.240' Always a /16 block.
-
- '140' Always a /8 block.
-
- '216.240.32/24'
- '216.240/16'
'default' or 'any' 0.0.0.0/0 (the default route)
'216.240.32.0#0.0.31.255' A hostmask (as used by Cisco
@@ -109,15 +103,64 @@
'default6' or 'any6' ::/0 (the default route)
- There are two constructor methods: "new" and "new2". "new2" differs from
- "new" in that it will return undef for invalid netmasks, while "new"
- will return a netmask object even if the constructor could not figure
- out what the network block should be.
+ There are two constructor methods: "new" and "safe_new" (also known as
+ "new2").
+
+ "safe_new" differs from "new" in that it will return undef for invalid
+ netmasks, while "new" will return a netmask object even if the
+ constructor could not figure out what the network block should be.
With "new", the error string can be found as $block->{'ERROR'}. With
- "new2" the error can be found as Net::Netmask::errstr or
+ "safe_new" the error can be found as Net::Netmask::errstr or
$Net::Netmask::error.
+ IMPORTANT: You want to use "safe_new" or "new2" ("new2" is a synonym for
+ "new") in new code!
+
+ As of version 2.000, the following abbreviated IPv4 netblocks are not
+ accepted by default, but can be accepted with options.
+
+ '216.240.32' Always a /24 block.
+
+ '216.240' Always a /16 block.
+
+ '140' Always a /8 block.
+
+ '216.240.32/24'
+ '216.240/16'
+
+ To accept these, you can call the constructor with a "shortnet" option
+ set to a true value. Example:
+
+ my $block = Net::Netmask->safe_new("216.240/16", shortnet => 1);
+
+ For compatibility with older codebases, it's also possible to change the
+ default to use the old behavior. To do this, you can set the
+ $Net::Netmask::SHORTNET_DEFAULT variable to a true value. It is
+ recommended that this be done by localizing the variable. Example:
+
+ local $Net::Netmask::SHORTNET_DEFAULT = 1
+ my $block = Net::Netmask->safe_new("216.240/16");
+
+ Please be aware that there are security implications to this as other
+ Perl modules, system libraries, or utilities may not parse these
+ addresses the same way. This is why the default was changed.
+
+ For instance:
+
+ perl -MNet::Netmask -E "say Net::Netmask->safe_new("10.20", shortnet =>
1)"
+
+ Will print "10.2.0.0/16". However:
+
+ perl -MSocket -E "say inet_ntoa(inet_aton('10.20'))"
+
+ Will often print "10.0.0.20" which is obviously very different, and if
+ the Net::Netmask module was used to check an IP aggainst an ACL, and
+ then another program was executed (that uses inet_aton(), for instance),
+ the ACL processing might not match the connection.
+
+ Thus, it is advised to use this with caution.
+
METHODS
->desc() Returns a description of the network block. Eg:
"216.240.32.0/19" or "2001:db8:1234::/48". This
@@ -315,7 +358,7 @@
For instance,
- Net::Netmask->new( '10.0.0.0/24' )->split(2)
+ Net::Netmask->safe_new( '10.0.0.0/24'
)->split(2)
is equivilent to
@@ -454,7 +497,7 @@
Copyright (C) 2011-2013 Google, Inc.
- Copyright (C) 2018 Joelle Maslak
+ Copyright (C) 2018-2021 Joelle Maslak
This module may be used, modified and redistributed under the same terms
as Perl itself.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Net-Netmask-1.9104/TODO new/Net-Netmask-2.0001/TODO
--- old/Net-Netmask-1.9104/TODO 2018-07-28 01:01:55.000000000 +0200
+++ new/Net-Netmask-2.0001/TODO 2021-03-29 21:30:41.000000000 +0200
@@ -6,7 +6,6 @@
* Refactor tests in netmask.t to not use dlist() helper (just use "is")
* Refactor tests in netmask.t to always have descriptions
-Advanced tests:
- * IPv6 Support
+Advanced tasks:
* Speed improvements for IPv6
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Net-Netmask-1.9104/dist.ini
new/Net-Netmask-2.0001/dist.ini
--- old/Net-Netmask-1.9104/dist.ini 2018-07-28 01:01:55.000000000 +0200
+++ new/Net-Netmask-2.0001/dist.ini 2021-03-29 21:30:41.000000000 +0200
@@ -4,7 +4,7 @@
copyright_holder = Various -- See Documentation
copyright_year = Various -- See Documentation
-version = 1.9104
+version = 2.0001
[@Filter]
-bundle = @Basic
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Net-Netmask-1.9104/lib/Net/Netmask.pm
new/Net-Netmask-2.0001/lib/Net/Netmask.pm
--- old/Net-Netmask-1.9104/lib/Net/Netmask.pm 2018-07-28 01:01:55.000000000
+0200
+++ new/Net-Netmask-2.0001/lib/Net/Netmask.pm 2021-03-29 21:30:41.000000000
+0200
@@ -1,9 +1,9 @@
# Copyright (C) 1998-2006 David Muir Sharnoff <[email protected]>
# Copyright (C) 2011-2013 Google, Inc.
-# Copyright (C) 2018 Joelle Maslak <[email protected]>
+# Copyright (C) 2018-2021 Joelle Maslak <[email protected]>
package Net::Netmask;
-$Net::Netmask::VERSION = '1.9104';
+$Net::Netmask::VERSION = '2.0001';
use 5.006_001;
# ABSTRACT: Understand and manipulate IP netmasks
@@ -28,8 +28,7 @@
my @imask;
my @i6mask;
-# our %quadmask2bits;
-# our %quadhostmask2bits;
+our $SHORTNET_DEFAULT = undef;
use vars qw($error $debug %quadmask2bits %quadhostmask2bits);
$debug = 1;
@@ -46,9 +45,15 @@
'fallback' => 1;
sub new {
- my ( $package, $net, $mask ) = @_;
+ my ( $package, $net, @params) = @_;
- $mask = '' unless defined $mask;
+ my $mask = '';
+ if (@params % 2) {
+ $mask = shift(@params);
+ $mask = '' if !defined($mask);
+ }
+ my (%options) = @params;
+ my $shortnet = ( ( exists($options{shortnet}) && $options{shortnet} ) ||
$SHORTNET_DEFAULT );
my $base;
my $bits;
@@ -95,17 +100,17 @@
}
} elsif ( $net =~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ && !$mask ) {
( $base, $bits ) = ( $net, 32 );
- } elsif ( $net =~ /^[0-9]+\.[0-9]+\.[0-9]+$/ && !$mask ) {
+ } elsif ( $net =~ /^[0-9]+\.[0-9]+\.[0-9]+$/ && !$mask && $shortnet ) {
( $base, $bits ) = ( "$net.0", 24 );
- } elsif ( $net =~ /^[0-9]+\.[0-9]+$/ && !$mask ) {
+ } elsif ( $net =~ /^[0-9]+\.[0-9]+$/ && !$mask && $shortnet ) {
( $base, $bits ) = ( "$net.0.0", 16 );
- } elsif ( $net =~ /^[0-9]+$/ && !$mask ) {
+ } elsif ( $net =~ /^[0-9]+$/ && !$mask && $shortnet ) {
( $base, $bits ) = ( "$net.0.0.0", 8 );
- } elsif ( $net =~ m,^([0-9]+\.[0-9]+\.[0-9]+)/([0-9]+)$, ) {
+ } elsif ( $net =~ m,^([0-9]+\.[0-9]+\.[0-9]+)/([0-9]+)$, && $shortnet ) {
( $base, $bits ) = ( "$1.0", $2 );
- } elsif ( $net =~ m,^([0-9]+\.[0-9]+)/([0-9]+)$, ) {
+ } elsif ( $net =~ m,^([0-9]+\.[0-9]+)/([0-9]+)$, && $shortnet ) {
( $base, $bits ) = ( "$1.0.0", $2 );
- } elsif ( $net =~ m,^([0-9]+)/([0-9]+)$, ) {
+ } elsif ( $net =~ m,^([0-9]+)/([0-9]+)$, && $shortnet ) {
( $base, $bits ) = ( "$1.0.0.0", $2 );
} elsif ( $net eq 'default' || $net eq 'any' ) {
( $base, $bits ) = ( "0.0.0.0", 0 );
@@ -151,12 +156,17 @@
$bits = 128;
}
- $ibase = ascii2int( ( $base || '::' ), $proto ) unless defined $ibase;
+ $ibase = ascii2int( ( $base || '::' ), $proto ) unless (defined $ibase or
$error);
unless ( defined($ibase) || defined($error) ) {
$error = "could not parse $net";
$error .= " $mask" if $mask;
}
+ if ($error) {
+ $ibase = 0;
+ $bits = 0;
+ }
+
$ibase = i_getnet_addr( $ibase, $bits, $proto );
return bless {
@@ -180,6 +190,10 @@
}
sub new2 {
+ goto &safe_new;
+}
+
+sub safe_new {
local ($debug) = 0;
my $net = new(@_);
return if $error;
@@ -389,7 +403,8 @@
sub quad2int {
my @bytes = split( /\./, $_[0] );
- return unless @bytes == 4 && !grep { !( /[0-9]+$/ && $_ < 256 ) } @bytes;
+ return unless @bytes == 4;
+ return unless !grep { !( /^(([0-9])|([1-9][0-9]*))$/ && $_ < 256 ) }
@bytes;
return unpack( "N", pack( "C4", @bytes ) );
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Net-Netmask-1.9104/lib/Net/Netmask.pod
new/Net-Netmask-2.0001/lib/Net/Netmask.pod
--- old/Net-Netmask-1.9104/lib/Net/Netmask.pod 2018-07-28 01:01:55.000000000
+0200
+++ new/Net-Netmask-2.0001/lib/Net/Netmask.pod 2021-03-29 21:30:41.000000000
+0200
@@ -6,10 +6,12 @@
use Net::Netmask;
- $block = Net::Netmask->new(network block)
- $block = Net::Netmask->new(network block, netmask)
+ $block = Net::Netmask->safe_new(network block)
+ $block = Net::Netmask->safe_new(network block, netmask)
$block = Net::Netmask->new2(network block)
$block = Net::Netmask->new2(network block, netmask)
+ $block = Net::Netmask->new(network block) # Don't use in new code!
+ $block = Net::Netmask->new(network block, netmask) # Don't use in new code!
print $block; # a.b.c.d/bits or 1:2:3::4/bits
print $block->base()
@@ -105,22 +107,6 @@
A /32 block.
-=item '216.240.32'
-
-Always a /24 block.
-
-=item '216.240'
-
-Always a /16 block.
-
-=item '140'
-
-Always a /8 block.
-
-=item '216.240.32/24'
-
-=item '216.240/16'
-
=item 'default' or 'any'
0.0.0.0/0 (the default route)
@@ -144,13 +130,72 @@
=back
-There are two constructor methods: C<new> and C<new2>. C<new2>
-differs from C<new> in that it will return undef for invalid netmasks,
+There are two constructor methods: C<new> and C<safe_new> (also known as
C<new2>).
+
+C<safe_new> differs from C<new> in that it will return undef for invalid
netmasks,
while C<new> will return a netmask object even if the constructor
could not figure out what the network block should be.
With C<new>, the error string can be found as $block->{'ERROR'}. With
-C<new2> the error can be found as Net::Netmask::errstr or $Net::Netmask::error.
+C<safe_new> the error can be found as Net::Netmask::errstr or
$Net::Netmask::error.
+
+IMPORTANT: You want to use C<safe_new> or C<new2> (C<new2> is a synonym
+for C<new>) in new code!
+
+As of version 2.000, the following abbreviated IPv4 netblocks are not accepted
+by default, but can be accepted with options.
+
+=over 32
+
+=item '216.240.32'
+
+Always a /24 block.
+
+=item '216.240'
+
+Always a /16 block.
+
+=item '140'
+
+Always a /8 block.
+
+=item '216.240.32/24'
+
+=item '216.240/16'
+
+=back
+
+To accept these, you can call the constructor with a "shortnet" option set
+to a true value. Example:
+
+ my $block = Net::Netmask->safe_new("216.240/16", shortnet => 1);
+
+For compatibility with older codebases, it's also possible to change the
+default to use the old behavior. To do this, you can set the
+C<$Net::Netmask::SHORTNET_DEFAULT> variable to a true value. It is recommended
+that this be done by localizing the variable. Example:
+
+ local $Net::Netmask::SHORTNET_DEFAULT = 1
+ my $block = Net::Netmask->safe_new("216.240/16");
+
+Please be aware that there are security implications to this as other Perl
+modules, system libraries, or utilities may not parse these addresses the
+same way. This is why the default was changed.
+
+For instance:
+
+ perl -MNet::Netmask -E "say Net::Netmask->safe_new("10.20", shortnet => 1)"
+
+Will print "10.2.0.0/16". However:
+
+ perl -MSocket -E "say inet_ntoa(inet_aton('10.20'))"
+
+Will often print "10.0.0.20" which is obviously very different, and if
+the Net::Netmask module was used to check an IP aggainst an ACL, and then
+another program was executed (that uses inet_aton(), for instance), the ACL
+processing might not match the connection.
+
+Thus, it is advised to use this with caution.
=head1 METHODS
@@ -358,7 +403,7 @@
For instance,
- Net::Netmask->new( '10.0.0.0/24' )->split(2)
+ Net::Netmask->safe_new( '10.0.0.0/24' )->split(2)
is equivilent to
@@ -510,7 +555,7 @@
Copyright (C) 2011-2013 Google, Inc.
-Copyright (C) 2018 Joelle Maslak
+Copyright (C) 2018-2021 Joelle Maslak
This module may be used, modified and redistributed under the same
terms as Perl itself.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Net-Netmask-1.9104/t/badnets.t
new/Net-Netmask-2.0001/t/badnets.t
--- old/Net-Netmask-1.9104/t/badnets.t 2018-07-28 01:01:55.000000000 +0200
+++ new/Net-Netmask-2.0001/t/badnets.t 2021-03-29 21:30:41.000000000 +0200
@@ -132,6 +132,149 @@
error => qr/^could not parse /,
type => 'bad mask',
},
+ # These do weird things that users almost certainly don't expect,
+ # creating a potential security issue. I.E. all of the below IP
+ # addresses would be valid to inet_aton().
+ {
+ input => [ '1.131844', '32' ],
+ error => qr/^could not parse /,
+ type => 'ambiguous',
+ },
+ {
+ input => [ '0192.0.1.2', '32' ],
+ error => qr/^could not parse /,
+ type => 'ambiguous',
+ },
+ {
+ input => [ '192.00.1.2', '32' ],
+ error => qr/^could not parse /,
+ type => 'ambiguous',
+ },
+ {
+ input => [ '192.0.01.2', '32' ],
+ error => qr/^could not parse /,
+ type => 'ambiguous',
+ },
+ {
+ input => [ '192.0.1.02', '32' ],
+ error => qr/^could not parse /,
+ type => 'ambiguous',
+ },
+ {
+ input => [ '0xC0.0x1.0x3.0x4', '32' ],
+ error => qr/^could not parse /,
+ type => 'ambiguous',
+ },
+ {
+ input => [ '1.131844/32' ],
+ error => qr/^could not parse /,
+ type => 'ambiguous',
+ },
+ {
+ input => [ '0192.0.1.2/32' ],
+ error => qr/^could not parse /,
+ type => 'ambiguous',
+ },
+ {
+ input => [ '192.00.1.2/32' ],
+ error => qr/^could not parse /,
+ type => 'ambiguous',
+ },
+ {
+ input => [ '192.0.01.2/32' ],
+ error => qr/^could not parse /,
+ type => 'ambiguous',
+ },
+ {
+ input => [ '192.0.1.02/32' ],
+ error => qr/^could not parse /,
+ type => 'ambiguous',
+ },
+ {
+ input => [ '0xC0.0x1.0x3.0x4/32' ],
+ error => qr/^could not parse /,
+ type => 'ambiguous',
+ },
+ {
+ input => [ '1.131844' ],
+ error => qr/^could not parse /,
+ type => 'ambiguous',
+ },
+ {
+ input => [ '0192.0.1.2' ],
+ error => qr/^could not parse /,
+ type => 'ambiguous',
+ },
+ {
+ input => [ '192.00.1.2' ],
+ error => qr/^could not parse /,
+ type => 'ambiguous',
+ },
+ {
+ input => [ '0192.0.01.2' ],
+ error => qr/^could not parse /,
+ type => 'ambiguous',
+ },
+ {
+ input => [ '192.0.1.02' ],
+ error => qr/^could not parse /,
+ type => 'ambiguous',
+ },
+ {
+ input => [ '0xC0.0x1.0x3.0x4' ],
+ error => qr/^could not parse /,
+ type => 'ambiguous',
+ },
+ {
+ input => [ '10/8' ],
+ error => qr/^could not parse /,
+ type => 'ambiguous',
+ },
+ {
+ input => [ '10.0/8' ],
+ error => qr/^could not parse /,
+ type => 'ambiguous',
+ },
+ {
+ input => [ '10.0.0/8' ],
+ error => qr/^could not parse /,
+ type => 'ambiguous',
+ },
+ {
+ input => [ '10', '8' ],
+ error => qr/^could not parse /,
+ type => 'ambiguous',
+ },
+ {
+ input => [ '10.0', '8' ],
+ error => qr/^could not parse /,
+ type => 'ambiguous',
+ },
+ {
+ input => [ '10.0.0', '8' ],
+ error => qr/^could not parse /,
+ type => 'ambiguous',
+ },
+ {
+ input => [ '10', '8' ],
+ error => qr/^could not parse /,
+ type => 'ambiguous',
+ },
+ {
+ input => [ '10.0' ],
+ error => qr/^could not parse /,
+ type => 'ambiguous',
+ },
+ {
+ input => [ '10.0.0' ],
+ error => qr/^could not parse /,
+ type => 'ambiguous',
+ },
+ {
+ input => [ '2001::/129' ],
+ error => qr/^illegal number of bits/,
+ type => 'bad mask',
+ },
);
foreach my $test (@tests) {
@@ -140,15 +283,21 @@
my $name = ( join ', ', @{ $test->{input} } );
my $type = $test->{type};
- my $result = Net::Netmask->new2(@$input);
-
+ my $result = Net::Netmask->safe_new(@$input);
is( $result, undef, "$name $type" );
like( Net::Netmask->errstr, $err, "$name errstr mismatch" );
+
+ warns { $result = Net::Netmask->new(@$input) };
+ if ($result->{PROTOCOL} eq 'IPv4') {
+ is( "$result", "0.0.0.0/0", "result is 0.0.0.0/0" );
+ } else {
+ is( "$result", "::/0", "result is 0.0.0.0/0" );
+ }
}
# test whois numbers with space between dash (valid!)
-ok( Net::Netmask->new2('209.157.64.0 - 209.157.95.255'), "whois with single
space around dash" );
-ok( Net::Netmask->new2('209.157.64.0 - 209.157.95.255'),
+ok( Net::Netmask->safe_new('209.157.64.0 - 209.157.95.255'), "whois with
single space around dash" );
+ok( Net::Netmask->safe_new('209.157.64.0 - 209.157.95.255'),
"whois with mulitple spaces around dash" );
done_testing;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Net-Netmask-1.9104/t/netmasks.t
new/Net-Netmask-2.0001/t/netmasks.t
--- old/Net-Netmask-1.9104/t/netmasks.t 2018-07-28 01:01:55.000000000 +0200
+++ new/Net-Netmask-2.0001/t/netmasks.t 2021-03-29 21:30:41.000000000 +0200
@@ -21,29 +21,29 @@
MAIN: {
# Note that _ in the addr gets replaced with a '#'
- # addr mask base newmask
bits mb proto todo
+ # addr mask base newmask
bits mb proto shortnet todo
my @rtests = qw(
- 209.157.68.22:255.255.224.0 u 209.157.64.0 255.255.224.0
19 18 IPv4 0
- 209.157.68.22 255.255.224.0 209.157.64.0 255.255.224.0
19 18 IPv4 0
- 209.157.70.33 0xffffe000 209.157.64.0 255.255.224.0
19 18 IPv4 0
- 209.157.70.33/19 u 209.157.64.0 255.255.224.0
19 18 IPv4 0
- 209.157.70.33 u 209.157.70.33
255.255.255.255 32 32 IPv4 0
- 140.174.82 u 140.174.82.0 255.255.255.0
24 23 IPv4 0
- 140.174 u 140.174.0.0 255.255.0.0
16 15 IPv4 0
- 10 u 10.0.0.0 255.0.0.0
8 7 IPv4 0
- 10/8 u 10.0.0.0 255.0.0.0
8 7 IPv4 0
- 209.157.64/19 u 209.157.64.0 255.255.224.0
19 18 IPv4 0
- 209.157.64.0-209.157.95.255 u 209.157.64.0 255.255.224.0
19 18 IPv4 0
- 216.140.48.16/32 u 216.140.48.16
255.255.255.255 32 28 IPv4 0
- 209.157/17 u 209.157.0.0 255.255.128.0
17 16 IPv4 0
- default u 0.0.0.0 0.0.0.0
0 0 IPv4 0
- 209.157.68.22_0.0.31.255 u 209.157.64.0 255.255.224.0
19 18 IPv4 0
- 2001:db8::/32 u 2001:db8:: ffff:ffff::
32 29 IPv6 0
- 2001:db8:100::/48 u 2001:db8:100::
ffff:ffff:ffff:: 48 40 IPv6 0
- 2001:db8:100:: u 2001:db8:100::
ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff 128 40 IPv6 0
- 2001:db8:100::1 u 2001:db8:100::1
ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff 128 128 IPv6 0
- 1:2:3:4:5:6:7:4/64 u 1:2:3:4::
ffff:ffff:ffff:ffff:: 64 62 IPv6 0
- default6 u :: ::
0 0 IPv6 0
+ 209.157.68.22:255.255.224.0 u 209.157.64.0 255.255.224.0
19 18 IPv4 0 0
+ 209.157.68.22 255.255.224.0 209.157.64.0 255.255.224.0
19 18 IPv4 0 0
+ 209.157.70.33 0xffffe000 209.157.64.0 255.255.224.0
19 18 IPv4 0 0
+ 209.157.70.33/19 u 209.157.64.0 255.255.224.0
19 18 IPv4 0 0
+ 209.157.70.33 u 209.157.70.33
255.255.255.255 32 32 IPv4 0 0
+ 140.174.82 u 140.174.82.0 255.255.255.0
24 23 IPv4 1 0
+ 140.174 u 140.174.0.0 255.255.0.0
16 15 IPv4 1 0
+ 10 u 10.0.0.0 255.0.0.0
8 7 IPv4 1 0
+ 10/8 u 10.0.0.0 255.0.0.0
8 7 IPv4 1 0
+ 209.157.64/19 u 209.157.64.0 255.255.224.0
19 18 IPv4 1 0
+ 209.157.64.0-209.157.95.255 u 209.157.64.0 255.255.224.0
19 18 IPv4 0 0
+ 216.140.48.16/32 u 216.140.48.16
255.255.255.255 32 28 IPv4 0 0
+ 209.157/17 u 209.157.0.0 255.255.128.0
17 16 IPv4 1 0
+ default u 0.0.0.0 0.0.0.0
0 0 IPv4 0 0
+ 209.157.68.22_0.0.31.255 u 209.157.64.0 255.255.224.0
19 18 IPv4 0 0
+ 2001:db8::/32 u 2001:db8:: ffff:ffff::
32 29 IPv6 0 0
+ 2001:db8:100::/48 u 2001:db8:100::
ffff:ffff:ffff:: 48 40 IPv6 0 0
+ 2001:db8:100:: u 2001:db8:100::
ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff 128 40 IPv6 0 0
+ 2001:db8:100::1 u 2001:db8:100::1
ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff 128 128 IPv6 0 0
+ 1:2:3:4:5:6:7:4/64 u 1:2:3:4::
ffff:ffff:ffff:ffff:: 64 62 IPv6 0 0
+ default6 u :: ::
0 0 IPv6 0 0
);
my @store = qw(
@@ -85,21 +85,26 @@
my $debug = 0;
my $x;
- my ( $addr, $mask, $base, $newmask, $bits, $max, $proto, $todo );
- while ( ( $addr, $mask, $base, $newmask, $bits, $max, $proto, $todo ) =
- splice( @rtests, 0, 8 ) )
+ my ( $addr, $mask, $base, $newmask, $bits, $max, $proto, $shortnet, $todo
);
+ while ( ( $addr, $mask, $base, $newmask, $bits, $max, $proto, $shortnet,
$todo ) =
+ splice( @rtests, 0, 9 ) )
{
$addr =~ s/_/#/g;
- diag "$addr $mask $base $newmask $bits $max $proto $todo";
+ diag "$addr $mask $base $newmask $bits $max $proto $shortnet $todo";
$mask = undef if $mask eq 'u';
$newmask = undef if $newmask eq 'u';
my $test = sub {
- $x = Net::Netmask->new( $addr, $mask );
+ my $x = Net::Netmask->new( $addr, $mask, shortnet => $shortnet );
+
+ local($Net::Netmask::SHORTNET_DEFAULT) = 1;
+ my $y = Net::Netmask->new( $addr, $mask );
+
ok( $x, "parsed $addr " );
+ is( $x cmp $y, 0, "Same with SHORTNET_DEFAULT enabled" );
if ( defined($x) ) {
is( $x->base(), $base, "base of $addr" );
@@ -703,11 +708,22 @@
$block77->storeNetblock();
is( findNetblock( "10.2.1.0", $table77 ), undef );
+ my $table77 = {};
+ my $block77 = Net::Netmask->safe_new("10.1.2.0/24");
+ $block77->storeNetblock();
+ is( findNetblock( "10.2.1.0", $table77 ), undef );
+
$table77 = {};
$block77 = Net::Netmask->new2("2001:db8:cccc:1111::/64");
is( $Net::Netmask::error, undef, 'No error' );
$block77->storeNetblock();
is( findNetblock( "2001:db8:cccc:2222::", $table77 ), undef );
+
+ $table77 = {};
+ $block77 = Net::Netmask->safe_new("2001:db8:cccc:1111::/64");
+ is( $Net::Netmask::error, undef, 'No error' );
+ $block77->storeNetblock();
+ is( findNetblock( "2001:db8:cccc:2222::", $table77 ), undef );
{
my $bl = Net::Netmask->new("192.168.0.0/23");
++++++ cpanspec.yml ++++++
--- /var/tmp/diff_new_pack.WlAdh2/_old 2021-04-01 14:18:40.204106605 +0200
+++ /var/tmp/diff_new_pack.WlAdh2/_new 2021-04-01 14:18:40.204106605 +0200
@@ -14,7 +14,7 @@
# sed -i -e "s,hunspell-X,$hunspell," t/00-prereq.t Makefile.PL
#post_install: |-
# sed on %{name}.files
-license: Artistic-1.0 or GPL-1.0+
+#license: Artistic-1.0 or GPL-1.0+
#skip_noarch: 1
#custom_build: -
#./Build build flags=%{?_smp_mflags} --myflag
