Bug #1801

RemoteAccess/HttpdAdmin UI module does not authorize 0.0.0.0/0.0.0.0 address

Added by Davide Principi over 8 years ago. Updated about 8 years ago.

Status:CLOSEDStart date:
Priority:LowDue date:
Assignee:-% Done:

100%

Category:nethserver-httpd-admin
Target version:v6.4-beta1
Security class: Resolution:
Affected version:v6.4-alpha2 NEEDINFO:

Description

RemoteAccess/HttpdAdmin > create new
  • IPAddress 0.0.0.0
  • Netmask 0.0.0.0

does not validate input data.

Associated revisions

Revision 644a5186
Added by Giacomo Sanchietti over 8 years ago

Validator.php: relax validator for ip and netmask, accept value 0.0.0.0. Refs #1801

Revision 97c9c736
Added by Davide Principi over 8 years ago

ValidatorTest: fixed ipV4Address test. Refs #1801

History

#1 Updated by Filippo Carletti over 8 years ago

See RFC1519 for reference.
While the syntax 0.0.0.0/0.0.0.0 is valid and correct, the CIDR notation would be 0.0.0.0/0.
I think we must accept both formats, but try to prefer CIDR notations (i.e. ne.tw.or.k/bits).

#2 Updated by Davide Principi over 8 years ago

Currently we have two input fields, the first for IP, the second for the netmask, so both forms (CIDR, IP/Netmask) are not accepted. Do you think it's better to merge the two fields into one?

If we accept both CIDR and IP/Netmask syntaxes as input, we need to display and keep a normalized form into DB. Which one?

#3 Updated by Filippo Carletti over 8 years ago

Do you think it's better to merge the two fields into one?

Probably no, typical UIs have two fields: ip and mask.

If we accept both CIDR and IP/Netmask syntaxes as input, we need to display and keep a normalized form into DB. Which one?

I have no preferences. If we think of the ACl as one item, i'd say a form with one variable.

#4 Updated by Davide Principi over 8 years ago

  • Priority changed from Normal to Low

#5 Updated by Giacomo Sanchietti over 8 years ago

  • Assignee set to Giacomo Sanchietti

#6 Updated by Giacomo Sanchietti over 8 years ago

  • Status changed from NEW to MODIFIED
  • % Done changed from 0 to 100

Changed ip and netmask validators to accept 0.0.0.0.

#7 Updated by Davide Principi about 8 years ago

  • Status changed from MODIFIED to CLOSED

Also available in: Atom PDF