CLOUDSTACK-4586 Added CIDR validation for SG Egress rules

2013-09-03 14:17:16 +05:30 · 2013-09-03 14:17:16 +05:30 · b99962d27f
parent 8c3986df81
commit b99962d27f
2 changed files with 8 additions and 7 deletions
--- a/api/src/org/apache/cloudstack/api/command/user/securitygroup/AuthorizeSecurityGroupIngressCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/user/securitygroup/AuthorizeSecurityGroupIngressCmd.java
@ -207,13 +207,6 @@ public class AuthorizeSecurityGroupIngressCmd extends BaseAsyncCmd {

    @Override
    public void execute() {
-        if(cidrList != null){
-            for(String cidr : cidrList ){
-                if (!NetUtils.isValidCIDR(cidr)){
-                    throw new ServerApiException(ApiErrorCode.PARAM_ERROR,  cidr + " is an Invalid CIDR ");
-                }
-            }
-        }
        List<? extends SecurityRule> ingressRules = _securityGroupService.authorizeSecurityGroupIngress(this);
        if (ingressRules != null && !ingressRules.isEmpty()) {
            SecurityGroupResponse response = _responseGenerator.createSecurityGroupResponseFromSecurityGroupRule(ingressRules);
--- a/server/src/com/cloud/network/security/SecurityGroupManagerImpl.java
+++ b/server/src/com/cloud/network/security/SecurityGroupManagerImpl.java
@ -600,6 +600,14 @@ public class SecurityGroupManagerImpl extends ManagerBase implements SecurityGro
            protocol = NetUtils.ALL_PROTO;
        }

+        if(cidrList != null){
+            for(String cidr : cidrList ){
+                if (!NetUtils.isValidCIDR(cidr)){
+                    throw new InvalidParameterValueException("Invalid cidr " + cidr);
+                }
+            }
+        }
+
        if (!NetUtils.isValidSecurityGroupProto(protocol)) {
            throw new InvalidParameterValueException("Invalid protocol " + protocol);
        }