CLOUDSTACK-4586 Added CIDR validation for SG Egress rules
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/7aea599e Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/7aea599e Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/7aea599e Branch: refs/heads/disk-cache Commit: 7aea599eb4f16fc919a7556d5800f105a99b708e Parents: f555e26 Author: Jayapal <jaya...@apache.org> Authored: Tue Sep 3 14:17:16 2013 +0530 Committer: Jayapal <jaya...@apache.org> Committed: Tue Sep 3 14:18:18 2013 +0530 ---------------------------------------------------------------------- .../user/securitygroup/AuthorizeSecurityGroupIngressCmd.java | 7 ------- .../com/cloud/network/security/SecurityGroupManagerImpl.java | 8 ++++++++ 2 files changed, 8 insertions(+), 7 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7aea599e/api/src/org/apache/cloudstack/api/command/user/securitygroup/AuthorizeSecurityGroupIngressCmd.java ---------------------------------------------------------------------- diff --git a/api/src/org/apache/cloudstack/api/command/user/securitygroup/AuthorizeSecurityGroupIngressCmd.java b/api/src/org/apache/cloudstack/api/command/user/securitygroup/AuthorizeSecurityGroupIngressCmd.java index 910d70b..d700c88 100644 --- a/api/src/org/apache/cloudstack/api/command/user/securitygroup/AuthorizeSecurityGroupIngressCmd.java +++ b/api/src/org/apache/cloudstack/api/command/user/securitygroup/AuthorizeSecurityGroupIngressCmd.java @@ -208,13 +208,6 @@ public class AuthorizeSecurityGroupIngressCmd extends BaseAsyncCmd { @Override public void execute() { - if(cidrList != null){ - for(String cidr : cidrList ){ - if (!NetUtils.isValidCIDR(cidr)){ - throw new ServerApiException(ApiErrorCode.PARAM_ERROR, cidr + " is an Invalid CIDR "); - } - } - } List<? extends SecurityRule> ingressRules = _securityGroupService.authorizeSecurityGroupIngress(this); if (ingressRules != null && !ingressRules.isEmpty()) { SecurityGroupResponse response = _responseGenerator.createSecurityGroupResponseFromSecurityGroupRule(ingressRules); http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7aea599e/server/src/com/cloud/network/security/SecurityGroupManagerImpl.java ---------------------------------------------------------------------- diff --git a/server/src/com/cloud/network/security/SecurityGroupManagerImpl.java b/server/src/com/cloud/network/security/SecurityGroupManagerImpl.java index 50ece89..d209c27 100755 --- a/server/src/com/cloud/network/security/SecurityGroupManagerImpl.java +++ b/server/src/com/cloud/network/security/SecurityGroupManagerImpl.java @@ -624,6 +624,14 @@ public class SecurityGroupManagerImpl extends ManagerBase implements SecurityGro protocol = NetUtils.ALL_PROTO; } + if(cidrList != null){ + for(String cidr : cidrList ){ + if (!NetUtils.isValidCIDR(cidr)){ + throw new InvalidParameterValueException("Invalid cidr " + cidr); + } + } + } + if (!NetUtils.isValidSecurityGroupProto(protocol)) { throw new InvalidParameterValueException("Invalid protocol " + protocol); }
