[lxc-devel] [lxd/master] Network: Validate network name differently based on network type
tomponline on Github
lxc-bot at linuxcontainers.org
Mon Aug 3 17:03:29 UTC 2020
From 1c0b92cfc7980fd46c75027bcc52daffae789356 Mon Sep 17 00:00:00 2001
From: Thomas Parrott <thomas.parrott at canonical.com>
Date: Mon, 3 Aug 2020 17:56:00 +0100
Subject: [PATCH 1/9] lxd/network/network/utils: Renames ValidNetworkName to
validRealNetworkName
- Clarifies error messages.
- Unexports.
Signed-off-by: Thomas Parrott <thomas.parrott at canonical.com>
---
lxd/network/network_utils.go | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/lxd/network/network_utils.go b/lxd/network/network_utils.go
index ae2e4977d2..9ff38e8d45 100644
--- a/lxd/network/network_utils.go
+++ b/lxd/network/network_utils.go
@@ -30,26 +30,26 @@ import (
"github.com/lxc/lxd/shared/logger"
)
-// ValidNetworkName validates network name.
-func ValidNetworkName(value string) error {
+// validRealNetworkName validates a real network interface name.
+func validRealNetworkName(value string) error {
// Not a veth-liked name
if strings.HasPrefix(value, "veth") {
- return fmt.Errorf("Interface name cannot be prefix with veth")
+ return fmt.Errorf("Network interface cannot be prefix with veth")
}
// Validate the length
if len(value) < 2 {
- return fmt.Errorf("Interface name is too short (minimum 2 characters)")
+ return fmt.Errorf("Network interface is too short (minimum 2 characters)")
}
if len(value) > 15 {
- return fmt.Errorf("Interface name is too long (maximum 15 characters)")
+ return fmt.Errorf("Network interface is too long (maximum 15 characters)")
}
// Validate the character set
match, _ := regexp.MatchString("^[-_a-zA-Z0-9.]*$", value)
if !match {
- return fmt.Errorf("Interface name contains invalid characters")
+ return fmt.Errorf("Network interface contains invalid characters")
}
return nil
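Review bot: validRealNetworkName accepts `..`: it has no veth prefix, meets the two-character minimum, and both characters are in the `[-_a-zA-Z0-9.]` set, yet Linux refuses `.` and `..` as interface names. If the value is later joined into a filesystem path (not visible in this hunk) it would resolve to the parent directory, so reject it explicitly before the regexp check, e.g. `if value == ".." { return fmt.Errorf("Network interface cannot be \"..\"") }`. Separately, the error from `regexp.MatchString` is discarded and the pattern is recompiled on every call; a package-level `regexp.MustCompile` would avoid both. The message `cannot be prefix with veth` should read `cannot be prefixed with veth`. The function's closing brace lies outside the hunk.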
From 9ded358c1cd98e3a5f097f78a038272f9f900c08 Mon Sep 17 00:00:00 2001
From: Thomas Parrott <thomas.parrott at canonical.com>
Date: Mon, 3 Aug 2020 17:56:42 +0100
Subject: [PATCH 2/9] lxd/network/network/utils: Adds validVirtualNetworkName
For validating networks that do not have their own interface.
Signed-off-by: Thomas Parrott <thomas.parrott at canonical.com>
---
lxd/network/network_utils.go | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/lxd/network/network_utils.go b/lxd/network/network_utils.go
index 9ff38e8d45..db95a64ca3 100644
--- a/lxd/network/network_utils.go
+++ b/lxd/network/network_utils.go
@@ -55,6 +55,15 @@ func validRealNetworkName(value string) error {
return nil
}
+// validVirtualNetworkName validates a virtual network name (one that doesn't have an actual network interface).
+func validVirtualNetworkName(value string) error {
+ if strings.Contains(value, "/") {
+ return fmt.Errorf(`Network name cannot contain "\"`)
+ }
+
+ return nil
+}
+
func networkValidPort(value string) error {
if value == "" {
return nil
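Review bot: The error text in validVirtualNetworkName names the wrong character: the check is `strings.Contains(value, "/")` but the message tells the user the name cannot contain `"\"`, so it should be `return fmt.Errorf("Network name cannot contain \"/\"")`. A slash is also the only thing rejected, so an empty string, `..`, whitespace, control characters and names of unbounded length all pass. If virtual network names reach URL paths, file paths or log lines (not visible in this hunk), an allow-list and a length cap in the style of validRealNetworkName would be the safer default. The doc comment could state which characters are permitted and why only `/` is excluded.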
From adb2fe40345428696227681effeac1f23cb70517 Mon Sep 17 00:00:00 2001
From: Thomas Parrott <thomas.parrott at canonical.com>
Date: Mon, 3 Aug 2020 17:57:13 +0100
Subject: [PATCH 3/9] lxd/network/network/interfaces: Adds ValidateName
Signed-off-by: Thomas Parrott <thomas.parrott at canonical.com>
---
lxd/network/network_interface.go | 1 +
1 file changed, 1 insertion(+)
diff --git a/lxd/network/network_interface.go b/lxd/network/network_interface.go
index 514f3e4d1c..20e3ca5cdc 100644
--- a/lxd/network/network_interface.go
+++ b/lxd/network/network_interface.go
@@ -16,6 +16,7 @@ type Network interface {
fillConfig(config map[string]string) error
// Config.
+ ValidateName(name string) error
Validate(config map[string]string) error
Name() string
Type() string
From a2f59616486acb805fcaa511b87b29fdf772c7f2 Mon Sep 17 00:00:00 2001
From: Thomas Parrott <thomas.parrott at canonical.com>
Date: Mon, 3 Aug 2020 17:57:56 +0100
Subject: [PATCH 4/9] lxd/network/driver/bridge: Implements ValidateName
Also switches to use validRealNetworkName.
Signed-off-by: Thomas Parrott <thomas.parrott at canonical.com>
---
lxd/network/driver_bridge.go | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/lxd/network/driver_bridge.go b/lxd/network/driver_bridge.go
index 436d41d778..b7b85151d9 100644
--- a/lxd/network/driver_bridge.go
+++ b/lxd/network/driver_bridge.go
@@ -118,6 +118,11 @@ func (n *bridge) fillConfig(config map[string]string) error {
return nil
}
+// ValidateName validates network name.
+func (n *bridge) ValidateName(name string) error {
+ return validRealNetworkName(name)
+}
+
// Validate network config.
func (n *bridge) Validate(config map[string]string) error {
// Build driver specific rules dynamically.
@@ -132,7 +137,7 @@ func (n *bridge) Validate(config map[string]string) error {
for _, entry := range strings.Split(value, ",") {
entry = strings.TrimSpace(entry)
- if err := ValidNetworkName(entry); err != nil {
+ if err := validRealNetworkName(entry); err != nil {
return errors.Wrapf(err, "Invalid interface name %q", entry)
}
}
@@ -255,7 +260,7 @@ func (n *bridge) Validate(config map[string]string) error {
case "id":
rules[k] = validate.Optional(validate.IsInt64)
case "inteface":
- rules[k] = ValidNetworkName
+ rules[k] = validRealNetworkName
case "ttl":
rules[k] = validate.Optional(validate.IsUint8)
}
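Review bot: The case label directly above the changed line reads `"inteface"`, which looks like a misspelling of `"interface"`; if that is so, a tunnel `interface` key never reaches this branch and validRealNetworkName is not applied to it. Since this commit already touches the rule, the label should be corrected to `case "interface":` in the same change, or a comment added if the spelling is intentional. The enclosing switch begins and ends outside the hunk, so what happens to keys that match no case is not visible here.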
From aab6e4543ffe1e91e45283dc07994bc86a62d02e Mon Sep 17 00:00:00 2001
From: Thomas Parrott <thomas.parrott at canonical.com>
Date: Mon, 3 Aug 2020 17:58:41 +0100
Subject: [PATCH 5/9] lxd/network/driver/macvlan: Implements ValidateName
Also switches to use validRealNetworkName for parent setting.
Signed-off-by: Thomas Parrott <thomas.parrott at canonical.com>
---
lxd/network/driver_macvlan.go | 15 ++++++---------
1 file changed, 6 insertions(+), 9 deletions(-)
diff --git a/lxd/network/driver_macvlan.go b/lxd/network/driver_macvlan.go
index 549672049d..ec1ea681e6 100644
--- a/lxd/network/driver_macvlan.go
+++ b/lxd/network/driver_macvlan.go
@@ -3,8 +3,6 @@ package network
import (
"fmt"
- "github.com/pkg/errors"
-
"github.com/lxc/lxd/lxd/revert"
"github.com/lxc/lxd/shared/api"
log "github.com/lxc/lxd/shared/log15"
@@ -16,16 +14,15 @@ type macvlan struct {
common
}
+// ValidateName validates network name.
+func (n *macvlan) ValidateName(name string) error {
+ return validVirtualNetworkName(name)
+}
+
// Validate network config.
func (n *macvlan) Validate(config map[string]string) error {
rules := map[string]func(value string) error{
- "parent": func(value string) error {
- if err := ValidNetworkName(value); err != nil {
- return errors.Wrapf(err, "Invalid interface name %q", value)
- }
-
- return nil
- },
+ "parent": validRealNetworkName,
"mtu": validate.Optional(validate.IsInt64),
"vlan": validate.Optional(validate.IsNetworkVLAN),
"maas.subnet.ipv4": validate.IsAny,
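Review bot: The `parent` rule now returns validRealNetworkName's error unwrapped, so the `Invalid interface name %q` context that quoted the offending value is lost. Unless the caller that runs `rules` adds the key and value itself (not visible here), a user setting a bad `parent` sees only a message like `Network interface is too short (minimum 2 characters)` with no indication of which setting or value was refused. The same applies to the matching hunk in driver_sriov.go. Either keep a thin wrapper that adds `%q` of the value, or add a comment such as `// Error context (key and value) is added by the config validator.` if that is the case. The rules map continues past the end of the hunk.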
From 03e88399acdfbe5e84a04aa118aab2e3580a565c Mon Sep 17 00:00:00 2001
From: Thomas Parrott <thomas.parrott at canonical.com>
Date: Mon, 3 Aug 2020 17:59:28 +0100
Subject: [PATCH 6/9] lxd/network/driver/sriov: Implements ValidateName
Also switches to use validRealNetworkName for parent setting.
Signed-off-by: Thomas Parrott <thomas.parrott at canonical.com>
---
lxd/network/driver_sriov.go | 15 ++++++---------
1 file changed, 6 insertions(+), 9 deletions(-)
diff --git a/lxd/network/driver_sriov.go b/lxd/network/driver_sriov.go
index 87eb4f37e5..75ad8d6a0e 100644
--- a/lxd/network/driver_sriov.go
+++ b/lxd/network/driver_sriov.go
@@ -3,8 +3,6 @@ package network
import (
"fmt"
- "github.com/pkg/errors"
-
"github.com/lxc/lxd/lxd/revert"
"github.com/lxc/lxd/shared/api"
log "github.com/lxc/lxd/shared/log15"
@@ -16,16 +14,15 @@ type sriov struct {
common
}
+// ValidateName validates network name.
+func (n *sriov) ValidateName(name string) error {
+ return validVirtualNetworkName(name)
+}
+
// Validate network config.
func (n *sriov) Validate(config map[string]string) error {
rules := map[string]func(value string) error{
- "parent": func(value string) error {
- if err := ValidNetworkName(value); err != nil {
- return errors.Wrapf(err, "Invalid interface name %q", value)
- }
-
- return nil
- },
+ "parent": validRealNetworkName,
"mtu": validate.Optional(validate.IsInt64),
"vlan": validate.Optional(validate.IsNetworkVLAN),
"maas.subnet.ipv4": validate.IsAny,
From 5fe77addd0358971b75a1a368b5c4c036ab1c12c Mon Sep 17 00:00:00 2001
From: Thomas Parrott <thomas.parrott at canonical.com>
Date: Mon, 3 Aug 2020 17:59:53 +0100
Subject: [PATCH 7/9] lxd/network/network/load: Adds ValidateName helper
function
Signed-off-by: Thomas Parrott <thomas.parrott at canonical.com>
---
lxd/network/network_load.go | 22 ++++++++++++++++++----
1 file changed, 18 insertions(+), 4 deletions(-)
diff --git a/lxd/network/network_load.go b/lxd/network/network_load.go
index 0990e30662..9ce8122d59 100644
--- a/lxd/network/network_load.go
+++ b/lxd/network/network_load.go
@@ -29,20 +29,34 @@ func LoadByName(s *state.State, name string) (Network, error) {
return n, nil
}
-// Validate validates the supplied network configuration for the specified network type.
+// ValidateName validates the supplied network name for the specified network type.
+func ValidateName(name string, netType string) error {
+ driverFunc, ok := drivers[netType]
+ if !ok {
+ return ErrUnknownDriver
+ }
+
+ n := driverFunc()
+ n.init(nil, 0, name, netType, "", nil, "Unknown")
+
+ return n.ValidateName(name)
+}
+
+// Validate validates the supplied network name and configuration for the specified network type.
func Validate(name string, netType string, config map[string]string) error {
driverFunc, ok := drivers[netType]
if !ok {
return ErrUnknownDriver
}
- err := ValidNetworkName(name)
+ n := driverFunc()
+ n.init(nil, 0, name, netType, "", config, "Unknown")
+
+ err := n.ValidateName(name)
if err != nil {
return err
}
- n := driverFunc()
- n.init(nil, 0, name, netType, "", config, "Unknown")
return n.Validate(config)
}
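Review bot: Both ValidateName and Validate call `n.init(nil, 0, name, netType, ...)` with a nil state and with `name` before it has been checked, whereas the old Validate rejected a bad name before constructing the driver. What `init` does with its arguments is not visible here, so the contract should be written down: a comment on the `init` call such as `// Driver is initialised without state only to dispatch on type; ValidateName must depend solely on its argument.` would stop a future driver from dereferencing the state or trusting `n.name` inside ValidateName. The ValidateName doc comment should also mention that ErrUnknownDriver is returned for an unrecognised netType, since callers such as networksPost pass a type taken from the request.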
From ce3637fb1c838d314900dd71d9a8158801209bfe Mon Sep 17 00:00:00 2001
From: Thomas Parrott <thomas.parrott at canonical.com>
Date: Mon, 3 Aug 2020 18:00:18 +0100
Subject: [PATCH 8/9] lxd/main/init/interactive: Switches to
network.ValidateName for bridge validation
Signed-off-by: Thomas Parrott <thomas.parrott at canonical.com>
---
lxd/main_init_interactive.go | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lxd/main_init_interactive.go b/lxd/main_init_interactive.go
index 7a6bacdf5a..493a3b62d9 100644
--- a/lxd/main_init_interactive.go
+++ b/lxd/main_init_interactive.go
@@ -351,7 +351,7 @@ func (c *cmdInit) askNetworking(config *cmdInitData, d lxd.InstanceServer) error
net.Config = map[string]string{}
// Network name
- net.Name = cli.AskString("What should the new bridge be called? [default=lxdbr0]: ", "lxdbr0", network.ValidNetworkName)
+ net.Name = cli.AskString("What should the new bridge be called? [default=lxdbr0]: ", "lxdbr0", func(netName string) error { return network.ValidateName(netName, "bridge") })
_, _, err := d.GetNetwork(net.Name)
if err == nil {
fmt.Printf("The requested network bridge \"%s\" already exists. Please choose another name.\n", net.Name)
From b97b03191e3780611b29fbbd7ba9a4a92426fff0 Mon Sep 17 00:00:00 2001
From: Thomas Parrott <thomas.parrott at canonical.com>
Date: Mon, 3 Aug 2020 18:00:44 +0100
Subject: [PATCH 9/9] lxd/networks: Switches to network.ValidateName
Signed-off-by: Thomas Parrott <thomas.parrott at canonical.com>
---
lxd/networks.go | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/lxd/networks.go b/lxd/networks.go
index 5f892d3bcf..cee9c0ea68 100644
--- a/lxd/networks.go
+++ b/lxd/networks.go
@@ -111,11 +111,6 @@ func networksPost(d *Daemon, r *http.Request) response.Response {
return response.BadRequest(fmt.Errorf("No name provided"))
}
- err = network.ValidNetworkName(req.Name)
- if err != nil {
- return response.BadRequest(err)
- }
-
if req.Type == "" {
req.Type = "bridge"
}
@@ -124,6 +119,11 @@ func networksPost(d *Daemon, r *http.Request) response.Response {
req.Config = map[string]string{}
}
+ err = network.ValidateName(req.Name, req.Type)
+ if err != nil {
+ return response.BadRequest(err)
+ }
+
// Convert requested network type to DB type code.
var dbNetType db.NetworkType
switch req.Type {
@@ -611,7 +611,7 @@ func networkPost(d *Daemon, r *http.Request) response.Response {
return response.BadRequest(fmt.Errorf("No name provided"))
}
- err = network.ValidNetworkName(req.Name)
+ err = network.ValidateName(req.Name, n.Type())
if err != nil {
return response.BadRequest(err)
}