diff options
author | jesper <jesper@FreeBSD.org> | 2001-07-12 00:01:45 +0000 |
---|---|---|
committer | jesper <jesper@FreeBSD.org> | 2001-07-12 00:01:45 +0000 |
commit | 93faa5d597dce09f52a652cb24242bd11e6b6682 (patch) | |
tree | ea8cb02bebdbd16fc5c51e2cad8f361480430206 /usr.sbin | |
parent | 18f0b3d72350087a2137f810114e05827ee52c20 (diff) | |
download | FreeBSD-src-93faa5d597dce09f52a652cb24242bd11e6b6682.zip FreeBSD-src-93faa5d597dce09f52a652cb24242bd11e6b6682.tar.gz |
Fix IP address checking, now we allow addresses like 172.17.0.0/23 as
a host address
PR: misc/27799
Reviewed by: jkh
Approved by: jkh
MFC after: 1 month
Diffstat (limited to 'usr.sbin')
-rw-r--r-- | usr.sbin/sysinstall/tcpip.c | 30 |
1 files changed, 18 insertions, 12 deletions
diff --git a/usr.sbin/sysinstall/tcpip.c b/usr.sbin/sysinstall/tcpip.c index 1cae6fb..46c886f 100644 --- a/usr.sbin/sysinstall/tcpip.c +++ b/usr.sbin/sysinstall/tcpip.c @@ -118,11 +118,14 @@ feepout(char *msg) /* Verify IP address integrity */ static int -verifyIP(char *ip, unsigned long *out) +verifyIP(char *ip, unsigned long *mask, unsigned long *out) { long a, b, c, d; char *endptr; + unsigned long parsedip; + unsigned long max_addr = (255 << 24) | (255 << 16) | (255 << 8) | 255; + if (ip == NULL) return 0; a = strtol(ip, &endptr, 10); @@ -137,14 +140,17 @@ verifyIP(char *ip, unsigned long *out) d = strtol(endptr, &endptr, 10); if (*endptr != '\0') return 0; - /* Both 0 and 255 are technically valid in nets that are larger - than class C, but at least MS' TCP/IP stacks freak out if they see - them. */ - if (!_validByte(a) || !_validByte(b) || !_validByte(c) || - !_validByte(d) || (d == 0) || (d == 255)) + if (!_validByte(a) || !_validByte(b) || !_validByte(c) || !_validByte(d)) return 0; + parsedip = (a << 24) | (b << 16) | (c << 8) | d; if (out) - *out = (a << 24) | (b << 16) | (c << 8) | d; + *out = parsedip; + /* + * The ip address must not be network or broadcast address. + */ + if (mask && ((parsedip == (parsedip & *mask)) || + (parsedip == ((parsedip & *mask) + max_addr - *mask)))) + return 0; return 1; } @@ -209,7 +215,7 @@ verifyGW(char *gw, unsigned long *ip, unsigned long *mask) { unsigned long parsedgw; - if (!verifyIP(gw, &parsedgw)) + if (!verifyIP(gw, mask, &parsedgw)) return 0; /* Gateway needs to be within the set of IPs reachable through the interface */ @@ -228,13 +234,13 @@ verifySettings(void) if (!hostname[0]) feepout("Must specify a host name of some sort!"); - else if (nameserver[0] && !verifyIP(nameserver, NULL) && + else if (netmask[0] && !verifyNetmask(netmask, &parsednetmask)) + feepout("Invalid netmask value"); + else if (nameserver[0] && !verifyIP(nameserver, NULL, NULL) && !verifyIP6(nameserver)) feepout("Invalid name server IP address specified"); - else if (ipaddr[0] && !verifyIP(ipaddr, &parsedip)) + else if (ipaddr[0] && !verifyIP(ipaddr, &parsednetmask, &parsedip)) feepout("Invalid IPv4 address"); - else if (netmask[0] && !verifyNetmask(netmask, &parsednetmask)) - feepout("Invalid netmask value"); else if (gateway[0] && strcmp(gateway, "NO") && !verifyGW(gateway, ipaddr[0] ? &parsedip : NULL, netmask[0] ? &parsednetmask : NULL)) |