Home Explore Help
Sign In
golang
/
netmaker
mirror of https://github.com/gravitl/netmaker
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

Release v1.1.0 Fixes (#3649)

* fix(go): prevent creating network with fully-masked cidr;

* fix(go): filter out static non-user nodes;

* fix(go): prevent creation of networks with only broadcast and network ip;
Vishal Dalwadi 2 days ago
parent
924fcf95bf
commit
68707f61f9
2 changed files with 37 additions and 6 deletions
Unified View Show Diff Stats
  1. 21 2
      controllers/network.go
  2. 16 4
      pro/controllers/users.go

+ 21 - 2
controllers/network.go
View File 

@@ -575,21 +575,40 @@ func createNetwork(w http.ResponseWriter, r *http.Request) {
 
 
 
 	// validate address ranges: must be private
 
 	// validate address ranges: must be private
 
 	if network.AddressRange != "" {
 
 	if network.AddressRange != "" {
 
-		_, _, err := net.ParseCIDR(network.AddressRange)
 
+		_, cidr, err := net.ParseCIDR(network.AddressRange)
 
 		if err != nil {
 
 		if err != nil {
 
 			logger.Log(0, r.Header.Get("user"), "failed to create network: ",
 
 			logger.Log(0, r.Header.Get("user"), "failed to create network: ",
 
 				err.Error())
 
 				err.Error())
 
 			logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
 
 			logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
 
 			return
 
 			return
 
+		} else {
 
+			ones, bits := cidr.Mask.Size()
 
+			if bits-ones <= 1 {
 
+				err = fmt.Errorf("cannot create network with /31 or /32 cidr")
 
+				logger.Log(0, r.Header.Get("user"), "failed to create network: ",
 
+					err.Error())
 
+				logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
 
+				return
 
+			}
 
 		}
 
 		}
 
 	}
 
 	}
 
+
 
 	if network.AddressRange6 != "" {
 
 	if network.AddressRange6 != "" {
 
-		_, _, err := net.ParseCIDR(network.AddressRange6)
 
+		_, cidr, err := net.ParseCIDR(network.AddressRange6)
 
 		if err != nil {
 
 		if err != nil {
 
 			logger.Log(0, r.Header.Get("user"), "failed to create network: ",
 
 			logger.Log(0, r.Header.Get("user"), "failed to create network: ",
 
 				err.Error())
 
 				err.Error())
 
 			logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
 
 			logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
 
 			return
 
 			return
 
+		} else {
 
+			ones, bits := cidr.Mask.Size()
 
+			if bits-ones <= 1 {
 
+				err = fmt.Errorf("cannot create network with /127 or /128 cidr")
 
+				logger.Log(0, r.Header.Get("user"), "failed to create network: ",
 
+					err.Error())
 
+				logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
 
+				return
 
+			}
 
 		}
 
 		}
 
 	}
 
 	}

+ 16 - 4
pro/controllers/users.go
View File 

@@ -1498,6 +1498,10 @@ func getUserRemoteAccessGwsV1(w http.ResponseWriter, r *http.Request) {
 
 			continue
 
 			continue
 
 		}
 
 		}
 
 
 
+		if extClient.RemoteAccessClientID == "" {
 
+			continue
 
+		}
 
+
 
 		_, ok := userExtClients[extClient.IngressGatewayID]
 
 		_, ok := userExtClients[extClient.IngressGatewayID]
 
 		if !ok {
 
 		if !ok {
 
 			userExtClients[extClient.IngressGatewayID] = []models.ExtClient{}
 
 			userExtClients[extClient.IngressGatewayID] = []models.ExtClient{}
 
@@ -1526,13 +1530,21 @@ func getUserRemoteAccessGwsV1(w http.ResponseWriter, r *http.Request) {
 
 			}
 
 			}
 
 		}
 
 		}
 
 
 
-		if !found {
 
-			// TODO: prevent ip clashes.
 
-			if len(extClients) > 0 {
 
-				gwClient = extClients[0]
 
+		if !found && req.RemoteAccessClientID != "" {
 
+			for _, extClient := range extClients {
 
+				if extClient.RemoteAccessClientID == req.RemoteAccessClientID {
 
+					gwClient = extClient
 
+					found = true
 
+					break
 
+				}
 
 			}
 
 			}
 
 		}
 
 		}
 
 
 
+		if !found && len(extClients) > 0 {
 
+			// TODO: prevent ip clashes.
 
+			gwClient = extClients[0]
 
+		}
 
+
 
 		host, err := logic.GetHost(node.HostID.String())
 
 		host, err := logic.GetHost(node.HostID.String())
 
 		if err != nil {
 
 		if err != nil {
 
 			continue
 
 			continue