Skip to content

Commit 6a18b66

Browse files
DaanHooglandDaanHoogland
committed
refactor cidr evaluation for internal nets
1 parent 59dfcfd commit 6a18b66

File tree

1 file changed

+9
-3
lines changed

1 file changed

+9
-3
lines changed

services/secondary-storage/controller/src/main/java/org/apache/cloudstack/secondarystorage/SecondaryStorageManagerImpl.java

Lines changed: 9 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -402,11 +402,17 @@ private List<String> getAllowedInternalSiteCidrs() {
402402
}
403403
String[] cidrs = _allowedInternalSites.split(",");
404404
for (String cidr : cidrs) {
405-
if (NetUtils.isValidIp4Cidr(cidr) || NetUtils.isValidIp4(cidr) || !cidr.startsWith("0.0.0.0")) {
406-
if (NetUtils.getCleanIp4Cidr(cidr).equals(cidr)) {
405+
if (NetUtils.isValidIp4Cidr(cidr)) {
406+
if (! NetUtils.getCleanIp4Cidr(cidr).equals(cidr)) {
407407
s_logger.warn(String.format("Invalid CIDR %s in %s", cidr, SecStorageAllowedInternalDownloadSites.key()));
408408
}
409-
allowedCidrs.add(cidr);
409+
allowedCidrs.add(NetUtils.getCleanIp4Cidr(cidr));
410+
} else if (NetUtils.isValidIp4(cidr)) {
411+
String newCidr = cidr + "/32";
412+
s_logger.warn(String.format("Ip address is not a valid CIDR; %s using %s/32", cidr, newCidr));
413+
allowedCidrs.add(newCidr);
414+
} else if (!cidr.startsWith("0.0.0.0")) {
415+
allowedCidrs.add(NetUtils.getCleanIp4Cidr(cidr));
410416
}
411417
}
412418
return allowedCidrs;

0 commit comments

Comments
 (0)