From owner-svn-src-head@FreeBSD.ORG Sun Nov 25 10:37:11 2012 Return-Path: Delivered-To: svn-src-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 7B53E437; Sun, 25 Nov 2012 10:37:11 +0000 (UTC) (envelope-from dteske@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) by mx1.freebsd.org (Postfix) with ESMTP id 5D68C8FC12; Sun, 25 Nov 2012 10:37:11 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.5/8.14.5) with ESMTP id qAPAbBKA042287; Sun, 25 Nov 2012 10:37:11 GMT (envelope-from dteske@svn.freebsd.org) Received: (from dteske@localhost) by svn.freebsd.org (8.14.5/8.14.5/Submit) id qAPAbBc6042285; Sun, 25 Nov 2012 10:37:11 GMT (envelope-from dteske@svn.freebsd.org) Message-Id: <201211251037.qAPAbBc6042285@svn.freebsd.org> From: Devin Teske Date: Sun, 25 Nov 2012 10:37:11 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r243504 - in head/usr.sbin/bsdconfig/networking: include share X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 25 Nov 2012 10:37:11 -0000 Author: dteske Date: Sun Nov 25 10:37:10 2012 New Revision: 243504 URL: http://svnweb.freebsd.org/changeset/base/243504 Log: Split IP address validation routines and improve error detection for dotted- quad notation in IPv6 addresses. Approved by: adrian (co-mentor) (implicit) Modified: head/usr.sbin/bsdconfig/networking/include/messages.subr head/usr.sbin/bsdconfig/networking/share/ipaddr.subr Modified: head/usr.sbin/bsdconfig/networking/include/messages.subr ============================================================================== --- head/usr.sbin/bsdconfig/networking/include/messages.subr Sun Nov 25 09:06:32 2012 (r243503) +++ head/usr.sbin/bsdconfig/networking/include/messages.subr Sun Nov 25 10:37:10 2012 (r243504) @@ -55,10 +55,10 @@ msg_hostname_label_is_null="ERROR! One o msg_hostname_label_starts_or_ends_with_hyphen="ERROR! One or more individual labels within the hostname\n(separated by dots) starts or ends with a hyphen (hyphens\nare allowed, but a label cannot begin or end with a hyphen).\n\nInvalid Hostname: %s" msg_internal_error_nsindex_value="FATAL! dialog_input_nameserver_edit_awk: variable\nnsindex must be a whole positive integer greater-\nthan or equal-to zero.\n\nInvalid nsindex: %s" msg_ipaddr4="ipaddr" -msg_ipv4_addr_octet_contains_invalid_chars="ERROR! One or more individual octets within the IP address\n(separated by dots) contains one or more invalid characters.\nOctets must contain only the characters 0-9.\n\nInvalid IP Address: %s" -msg_ipv4_addr_octet_exceeds_max_value="ERROR! One or more individual octets within the IP address\n(separated by dots) exceeds the maximum of 255.\n\nInvalid IP Address: %s" -msg_ipv4_addr_octet_is_null="ERROR! One or more individual octets within the IP address\n(separated by dots) are null and/or missing.\n\nInvalid IP Address: %s" -msg_ipv4_addr_octet_missing_or_extra="ERROR! The IP address entered has either too few (less than\nfour) or too many (more than four) octets, separated by dots.\n\nInvalid IP Address: %s" +msg_ipv4_addr_octet_contains_invalid_chars="ERROR! One or more individual octets within the IPv4 address\n(separated by dots) contains one or more invalid characters.\nOctets must contain only the characters 0-9.\n\nInvalid IP Address: %s" +msg_ipv4_addr_octet_exceeds_max_value="ERROR! One or more individual octets within the IPv4 address\n(separated by dots) exceeds the maximum of 255.\n\nInvalid IP Address: %s" +msg_ipv4_addr_octet_is_null="ERROR! One or more individual octets within the IPv4 address\n(separated by dots) are null and/or missing.\n\nInvalid IP Address: %s" +msg_ipv4_addr_octet_missing_or_extra="ERROR! The IPv4 address entered has either too few (less than\nfour) or too many (more than four) octets, separated by dots.\n\nInvalid IP Address: %s" msg_ipv6_addr_segment_contains_invalid_chars="ERROR! One or more individual segments within the IP address\n(separated by colons) contains one or more invalid characters.\nSegments must contain only combinations of the characters 0-9,\nA-F, or a-f.\n\nInvalid IPv6 Address: %s" msg_ipv6_addr_segment_contains_too_many_chars="ERROR! One or more individual segments within the IP address\n(separated by colons) exceeds the length of 4 hex-digits.\n\nInvalid IPv6 Address: %s" msg_ipv6_addr_too_few_or_extra_segments="ERROR! The IP address entered has either too few (less than 3), too\nmany (more than 8), or not enough segments, separated by colons.\n\nInvalid IPv6 Address: %s" Modified: head/usr.sbin/bsdconfig/networking/share/ipaddr.subr ============================================================================== --- head/usr.sbin/bsdconfig/networking/share/ipaddr.subr Sun Nov 25 09:06:32 2012 (r243503) +++ head/usr.sbin/bsdconfig/networking/share/ipaddr.subr Sun Nov 25 10:37:10 2012 (r243504) @@ -60,7 +60,7 @@ f_ifconfig_inet() ' } -# f_dialog_validate_ipaddr $ipaddr +# f_validate_ipaddr $ipaddr # # Returns zero if the given argument (an IP address) is of the proper format. # @@ -73,10 +73,7 @@ f_ifconfig_inet() # maximum of 255 (or 2^8, being an octet comprised of 8 bits). # 4 The IP address has either too few or too many octets. # -# If the IP address is determined to be invalid, the appropriate error will be -# displayed using the f_dialog_msgbox function. -# -f_dialog_validate_ipaddr() +f_validate_ipaddr() { local ip="$1" @@ -106,12 +103,19 @@ f_dialog_validate_ipaddr() [ $noctets -eq 4 ] || exit 4 ) +} +# f_dialog_iperror $error $ipaddr +# +# Display a msgbox with the appropriate error message for an error returned by +# f_validate_ipaddr above. +# +f_dialog_iperror() +{ + local error="$1" ip="$2" - # - # Produce an appropriate error message if necessary. - # - local retval=$? - case $retval in + [ ${error:-0} -ne 0 ] || return $SUCCESS + + case "$error" in 1) f_dialog_msgbox "$( printf \ "$msg_ipv4_addr_octet_contains_invalid_chars" "$ip" )";; 2) f_dialog_msgbox "$( printf \ @@ -121,34 +125,57 @@ f_dialog_validate_ipaddr() 4) f_dialog_msgbox "$( printf \ "$msg_ipv4_addr_octet_missing_or_extra" "$ip" )";; esac +} + +# f_dialog_validate_ipaddr $ipaddr +# +# Returns zero if the given argument (an IP address) is of the proper format. +# +# If the IP address is determined to be invalid, the appropriate error will be +# displayed using the f_dialog_iperror function above. +# +f_dialog_validate_ipaddr() +{ + local ip="$1" + + f_validate_ipaddr "$ip" + local retval=$? + + # Produce an appropriate error message if necessary. + [ $retval -eq $SUCCESS ] || f_dialog_iperror $retval "$ip" return $retval } -# f_dialog_validate_ipaddr6 $ipv6_addr +# f_validate_ipaddr6 $ipv6_addr # # Returns zero if the given argument (an IPv6 address) is of the proper format. # # The return status for invalid IP address is one of: # 1 One or more individual segments within the IP address # (separated by colons) contains one or more invalid characters. -# 2 More than two segments within the IP address are null or the -# the second null segment is not at the end of the address. -# 3 One or more individual segments within the IP address exceeds -# the word length of 32-bits (segments are always hexadecimal). -# 4 The IP address has either too few or too many segments. -# 5 The IPv4 address at the end of the IPv6 address is invalid. +# Segments must contain only combinations of the characters 0-9, +# A-F, or a-f. +# 2 Too many/incorrect null segments. A single null segment is +# allowed within the IP address (separated by colons) but not +# allowed at the beginning or end (unless a double-null segment; +# i.e., "::*" or "*::"). +# 3 One or more individual segments within the IP address +# (separated by colons) exceeds the length of 4 hex-digits. +# 4 The IP address entered has either too few (less than 3), too +# many (more than 8), or not enough segments, separated by +# colons. +# 5* The IPv4 address at the end of the IPv6 address is invalid. +# * When there is an error with the dotted-quad IPv4 address at the +# end of the IPv6 address, the return value of 5 is OR'd with a +# bit-shifted (<< 4) return of f_validate_ipaddr. # -# If the IP address is determined to be invalid, the appropriate error will be -# displayed using the f_dialog_msgbox function. -# -f_dialog_validate_ipaddr6() +f_validate_ipaddr6() { local ip="$1" ( # Operate within a sub-shell to protect the parent environment - oldIFS="$IFS" IFS=":" # Split on `colon' set -- $ip: @@ -216,9 +243,8 @@ f_dialog_validate_ipaddr6() contains_ipv4_segment=1 # Validate the IPv4 address - IFS="$oldIFS" - f_dialog_validate_ipaddr "$segment" || exit 5 - IFS=":" + f_validate_ipaddr "$segment" || + exit $(( 5 | $? << 4 )) ;; *) # Segment characters are all valid but too many @@ -254,12 +280,20 @@ f_dialog_validate_ipaddr6() exit $SUCCESS ) +} - # - # Produce an appropriate error message if necessary. - # - local retval=$? - case $retval in +# f_dialog_ip6error $error $ipv6_addr +# +# Display a msgbox with the appropriate error message for an error returned by +# f_validate_ipaddr6 above. +# +f_dialog_ip6error() +{ + local error="$1" ip="$2" + + [ ${error:-0} -ne 0 ] || return $SUCCESS + + case "$error" in 1) f_dialog_msgbox "$( printf \ "$msg_ipv6_addr_segment_contains_invalid_chars" "$ip" )";; 2) f_dialog_msgbox "$( printf \ @@ -268,10 +302,30 @@ f_dialog_validate_ipaddr6() "$msg_ipv6_addr_segment_contains_too_many_chars" "$ip" )";; 4) f_dialog_msgbox "$( printf \ "$msg_ipv6_addr_too_few_or_extra_segments" "$ip" )";; - 5) : IPv4 at the end of IPv6 address is invalid ;; - # Don't display an error because f_dialog_validate_ipaddr - # already displayed one for the particular issue encountered. + *) + if [ $(( $error & 0xF )) -eq 5 ]; then + # IPv4 at the end of IPv6 address is invalid + f_dialog_iperror $(( $error >> 4 )) "$ip" + fi esac +} + +# f_dialog_validate_ipaddr6 $ipv6_addr +# +# Returns zero if the given argument (an IPv6 address) is of the proper format. +# +# If the IP address is determined to be invalid, the appropriate error will be +# displayed using the f_dialog_ip6error function above. +# +f_dialog_validate_ipaddr6() +{ + local ip="$1" + + f_validate_ipaddr6 "$ip" + local retval=$? + + # Produce an appropriate error message if necessary. + [ $retval -eq $SUCCESS ] || f_dialog_ip6error $retval "$ip" return $retval }