GutoVeronezi commented on a change in pull request #4960:
URL: https://github.com/apache/cloudstack/pull/4960#discussion_r629385253
##########
File path:
server/src/main/java/com/cloud/network/vpn/RemoteAccessVpnManagerImpl.java
##########
@@ -259,23 +246,38 @@ public RemoteAccessVpn doInTransaction(TransactionStatus
status) throws NetworkR
private void validateRemoteAccessVpnConfiguration() throws
ConfigurationException {
String ipRange = RemoteAccessVpnClientIpRange.value();
if (ipRange == null) {
- s_logger.warn("Remote Access VPN global configuration missing
client ip range -- ignoring");
+ s_logger.warn(String.format("Remote access VPN configuration:
Global configuration [%s] missing client IP range.",
RemoteAccessVpnClientIpRange.key()));
return;
}
- Integer pskLength = _pskLength;
- if (pskLength != null && (pskLength < 8 || pskLength > 256)) {
- throw new ConfigurationException("Remote Access VPN: IPSec
preshared key length should be between 8 and 256");
+
+ if (_pskLength < 8 || _pskLength > 256) {
+ throw new ConfigurationException(String.format("Remote access VPN
configuration: IPSec preshared key length [%s] should be between 8 and 256.",
_pskLength));
}
+ validateIpRange(ipRange, ConfigurationException.class);
+ }
+
+ protected <T extends Throwable> void validateIpRange(String ipRange,
Class<T> exceptionClass) throws T {
String[] range = ipRange.split("-");
+
if (range.length != 2) {
- throw new ConfigurationException("Remote Access VPN: Invalid ip
range " + ipRange);
+ throwExceptionOnValidateIpRangeError(exceptionClass,
String.format("IP range [%s] is an invalid IP range.", ipRange));
}
+
if (!NetUtils.isValidIp4(range[0]) || !NetUtils.isValidIp4(range[1])) {
- throw new ConfigurationException("Remote Access VPN: Invalid ip in
range specification " + ipRange);
+ throwExceptionOnValidateIpRangeError(exceptionClass,
String.format("One or both IPs sets in the range [%s] are invalid IPs.",
ipRange));
}
+
if (!NetUtils.validIpRange(range[0], range[1])) {
- throw new ConfigurationException("Remote Access VPN: Invalid ip
range " + ipRange);
+ throwExceptionOnValidateIpRangeError(exceptionClass,
String.format("Range of IPs [%s] is invalid.", ipRange));
+ }
+ }
+
+ protected <T extends Throwable> void
throwExceptionOnValidateIpRangeError(Class<T> exceptionClass, String
errorMessage) throws T {
Review comment:
@DaanHoogland done.
##########
File path:
server/src/main/java/com/cloud/network/vpn/RemoteAccessVpnManagerImpl.java
##########
@@ -390,19 +389,18 @@ public VpnUser addVpnUser(final long vpnOwnerId, final
String username, final St
public VpnUser doInTransaction(TransactionStatus status) {
Account owner = _accountDao.lockRow(vpnOwnerId, true);
if (owner == null) {
- throw new InvalidParameterValueException("Unable to add
vpn user: Another operation active");
+ throw new
InvalidParameterValueException(String.format("Unable to add VPN user {\"id\":
%s, \"username\": \"%s\"}: Another operation is active.", vpnOwnerId,
username));
}
_accountMgr.checkAccess(caller, null, true, owner);
- //don't allow duplicated user names for the same account
VpnUserVO vpnUser =
_vpnUsersDao.findByAccountAndUsername(owner.getId(), username);
if (vpnUser != null) {
- throw new InvalidParameterValueException("VPN User with
name " + username + " is already added for account " + owner);
+ throw new InvalidParameterValueException("VPN User with
name " + username + " is already added for account " + owner);
Review comment:
@DaanHoogland done.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
