summaryrefslogtreecommitdiffstats
path: root/usr.sbin
diff options
context:
space:
mode:
authorjesper <jesper@FreeBSD.org>2001-07-12 00:01:45 +0000
committerjesper <jesper@FreeBSD.org>2001-07-12 00:01:45 +0000
commit93faa5d597dce09f52a652cb24242bd11e6b6682 (patch)
treeea8cb02bebdbd16fc5c51e2cad8f361480430206 /usr.sbin
parent18f0b3d72350087a2137f810114e05827ee52c20 (diff)
downloadFreeBSD-src-93faa5d597dce09f52a652cb24242bd11e6b6682.zip
FreeBSD-src-93faa5d597dce09f52a652cb24242bd11e6b6682.tar.gz
Fix IP address checking, now we allow addresses like 172.17.0.0/23 as
a host address PR: misc/27799 Reviewed by: jkh Approved by: jkh MFC after: 1 month
Diffstat (limited to 'usr.sbin')
-rw-r--r--usr.sbin/sysinstall/tcpip.c30
1 files changed, 18 insertions, 12 deletions
diff --git a/usr.sbin/sysinstall/tcpip.c b/usr.sbin/sysinstall/tcpip.c
index 1cae6fb..46c886f 100644
--- a/usr.sbin/sysinstall/tcpip.c
+++ b/usr.sbin/sysinstall/tcpip.c
@@ -118,11 +118,14 @@ feepout(char *msg)
/* Verify IP address integrity */
static int
-verifyIP(char *ip, unsigned long *out)
+verifyIP(char *ip, unsigned long *mask, unsigned long *out)
{
long a, b, c, d;
char *endptr;
+ unsigned long parsedip;
+ unsigned long max_addr = (255 << 24) | (255 << 16) | (255 << 8) | 255;
+
if (ip == NULL)
return 0;
a = strtol(ip, &endptr, 10);
@@ -137,14 +140,17 @@ verifyIP(char *ip, unsigned long *out)
d = strtol(endptr, &endptr, 10);
if (*endptr != '\0')
return 0;
- /* Both 0 and 255 are technically valid in nets that are larger
- than class C, but at least MS' TCP/IP stacks freak out if they see
- them. */
- if (!_validByte(a) || !_validByte(b) || !_validByte(c) ||
- !_validByte(d) || (d == 0) || (d == 255))
+ if (!_validByte(a) || !_validByte(b) || !_validByte(c) || !_validByte(d))
return 0;
+ parsedip = (a << 24) | (b << 16) | (c << 8) | d;
if (out)
- *out = (a << 24) | (b << 16) | (c << 8) | d;
+ *out = parsedip;
+ /*
+ * The ip address must not be network or broadcast address.
+ */
+ if (mask && ((parsedip == (parsedip & *mask)) ||
+ (parsedip == ((parsedip & *mask) + max_addr - *mask))))
+ return 0;
return 1;
}
@@ -209,7 +215,7 @@ verifyGW(char *gw, unsigned long *ip, unsigned long *mask)
{
unsigned long parsedgw;
- if (!verifyIP(gw, &parsedgw))
+ if (!verifyIP(gw, mask, &parsedgw))
return 0;
/* Gateway needs to be within the set of IPs reachable through the
interface */
@@ -228,13 +234,13 @@ verifySettings(void)
if (!hostname[0])
feepout("Must specify a host name of some sort!");
- else if (nameserver[0] && !verifyIP(nameserver, NULL) &&
+ else if (netmask[0] && !verifyNetmask(netmask, &parsednetmask))
+ feepout("Invalid netmask value");
+ else if (nameserver[0] && !verifyIP(nameserver, NULL, NULL) &&
!verifyIP6(nameserver))
feepout("Invalid name server IP address specified");
- else if (ipaddr[0] && !verifyIP(ipaddr, &parsedip))
+ else if (ipaddr[0] && !verifyIP(ipaddr, &parsednetmask, &parsedip))
feepout("Invalid IPv4 address");
- else if (netmask[0] && !verifyNetmask(netmask, &parsednetmask))
- feepout("Invalid netmask value");
else if (gateway[0] && strcmp(gateway, "NO") &&
!verifyGW(gateway, ipaddr[0] ? &parsedip : NULL,
netmask[0] ? &parsednetmask : NULL))
OpenPOWER on IntegriCloud