Enhancement #3331

Relax validators of IPsec tunnel id fields

Added by Davide Principi over 5 years ago. Updated over 5 years ago.

Status:CLOSEDStart date:
Priority:NormalDue date:
Assignee:-% Done:

100%

Category:nethserver-ipsec
Target version:v6.7
Resolution: NEEDINFO:No

Description

In nethserver-ipsec-1.1.3-1.ns6 the validator of "Local Id" and "Remote Id" fields allows only IP or an domain name prefixed with @.

Some firewalls, like zywall, allow also email. Relax the validator to allow any string of less than 64 characters length.

Associated revisions

Revision a3f39ac8
Added by Davide Principi over 5 years ago

IpsecTunnels UI: free leftid and rightid validators. Refs #3331

Revision 249f62ed
Added by Davide Principi over 5 years ago

Removed old validator language string. Refs #3331

History

#1 Updated by Davide Principi over 5 years ago

  • Status changed from TRIAGED to ON_DEV
  • Assignee set to Davide Principi
  • % Done changed from 20 to 30

#2 Updated by Davide Principi over 5 years ago

  • Status changed from ON_DEV to MODIFIED
  • Assignee deleted (Davide Principi)
  • % Done changed from 30 to 60

Test case

upgrade nethserver-ipsec then test "Local ID" and "Remote ID" fields validation. Any string up to 63 characters must be allowed.

#3 Updated by Davide Principi over 5 years ago

  • Status changed from MODIFIED to ON_QA
  • % Done changed from 60 to 70

In nethserver-testing

nethserver-ipsec-1.1.3-1.2.g249f62e.ns6.noarch.rpm

#4 Updated by Filippo Carletti over 5 years ago

  • Status changed from ON_QA to VERIFIED
  • % Done changed from 70 to 90

I verified the issue on a system where I created a tunnel with nethserver-ipsec-1.2, at time I used an fqdn as leftid without the @ prefix.
When I received the updated nethserver-ipsec-1.3 and tried to modify the tunnel I got the following validation error:

Local identifier
IPv4 valid address
Local identifier
An host name prepended with "@", or IP address

Then I updated to:

Updated:
  nethserver-ipsec.noarch 0:1.1.3-1.2.g249f62e.ns6

and tried again to save the tunnel: everything proceeded and the ipsec.conf contains the leftid value I used.

#5 Updated by Davide Principi over 5 years ago

  • Status changed from VERIFIED to CLOSED
  • % Done changed from 90 to 100

In nethserver-updates

nethserver-ipsec-1.1.4-1.ns6.noarch.rpm

Also available in: Atom PDF