Skip to content

Commit 2e236a8

Browse files
author
Sheng Yang
committed
IPv6: Fix ip address in range check
1 parent e5866cf commit 2e236a8

3 files changed

Lines changed: 26 additions & 6 deletions

File tree

server/src/com/cloud/network/NetworkServiceImpl.java

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -780,14 +780,14 @@ public Network createGuestNetwork(CreateNetworkCmd cmd) throws InsufficientCapac
780780
if (!NetUtils.isValidIp6Cidr(ip6Cidr)) {
781781
throw new InvalidParameterValueException("Invalid ip6cidr");
782782
}
783-
if (!NetUtils.isIp6InRange(startIPv6, ip6Cidr)) {
784-
throw new InvalidParameterValueException("startIPv6 is not in ip6cidr indicated network range!");
783+
if (!NetUtils.isIp6InNetwork(startIPv6, ip6Cidr)) {
784+
throw new InvalidParameterValueException("startIPv6 is not in ip6cidr indicated network!");
785785
}
786-
if (!NetUtils.isIp6InRange(endIPv6, ip6Cidr)) {
787-
throw new InvalidParameterValueException("endIPv6 is not in ip6cidr indicated network range!");
786+
if (!NetUtils.isIp6InNetwork(endIPv6, ip6Cidr)) {
787+
throw new InvalidParameterValueException("endIPv6 is not in ip6cidr indicated network!");
788788
}
789-
if (!NetUtils.isIp6InRange(ip6Gateway, ip6Cidr)) {
790-
throw new InvalidParameterValueException("ip6Gateway is not in ip6cidr indicated network range!");
789+
if (!NetUtils.isIp6InNetwork(ip6Gateway, ip6Cidr)) {
790+
throw new InvalidParameterValueException("ip6Gateway is not in ip6cidr indicated network!");
791791
}
792792

793793
int cidrSize = NetUtils.getIp6CidrSize(ip6Cidr);

utils/src/com/cloud/utils/net/NetUtils.java

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1211,6 +1211,17 @@ public static boolean isIp6InRange(String ip6, String ip6Range) {
12111211
return false;
12121212
}
12131213

1214+
public static boolean isIp6InNetwork(String ip6, String ip6Cidr) {
1215+
IPv6Network network = null;
1216+
try {
1217+
network = IPv6Network.fromString(ip6Cidr);
1218+
} catch (IllegalArgumentException ex) {
1219+
return false;
1220+
}
1221+
IPv6Address ip = IPv6Address.fromString(ip6);
1222+
return network.contains(ip);
1223+
}
1224+
12141225
public static boolean isIp6RangeOverlap(String ipRange1, String ipRange2) {
12151226
String[] ips = ipRange1.split("-");
12161227
String startIp1 = ips[0];

utils/test/com/cloud/utils/net/NetUtilsTest.java

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -102,5 +102,14 @@ public void testIpv6() {
102102
assertTrue(NetUtils.isIp6RangeOverlap("1234:5678::f-1234:5678::ffff", "1234:5678::2-1234:5678::f"));
103103
assertFalse(NetUtils.isIp6RangeOverlap("1234:5678::f-1234:5678::ffff", "1234:5678::2-1234:5678::e"));
104104
assertFalse(NetUtils.isIp6RangeOverlap("1234:5678::f-1234:5678::f", "1234:5678::2-1234:5678::e"));
105+
//Test getNextIp6InRange
106+
assertEquals(NetUtils.getNextIp6InRange("1234:5678::8000:0000", range), "1234:5678::1");
107+
assertEquals(NetUtils.getNextIp6InRange("1234:5678::7fff:ffff", range), "1234:5678::8000:0");
108+
assertEquals(NetUtils.getNextIp6InRange("1234:5678::1", range), "1234:5678::2");
109+
//Test isIp6InNetwork
110+
assertFalse(NetUtils.isIp6InNetwork("1234:5678:abcd::1", "1234:5678::/64"));
111+
assertTrue(NetUtils.isIp6InNetwork("1234:5678::1", "1234:5678::/64"));
112+
assertTrue(NetUtils.isIp6InNetwork("1234:5678::ffff:ffff:ffff:ffff", "1234:5678::/64"));
113+
assertTrue(NetUtils.isIp6InNetwork("1234:5678::", "1234:5678::/64"));
105114
}
106115
}

0 commit comments

Comments
 (0)