diff --git a/WebRoot/js/zimbraAdmin/common/ZaIPUtil.js b/WebRoot/js/zimbraAdmin/common/ZaIPUtil.js index 3dd8a70825..95dcbf7309 100644 --- a/WebRoot/js/zimbraAdmin/common/ZaIPUtil.js +++ b/WebRoot/js/zimbraAdmin/common/ZaIPUtil.js @@ -233,6 +233,23 @@ ZaIPUtil.isIPV4 = function (ipV4Str) { throw ZaIPUtil.ERROR_IP_FORMAT; } + //Check ipV4Str has '.' at index 0 (First dot in IPv4 address) + if (ipV4Str[0] == ".") { + throw ZaIPUtil.ERROR_IP_FORMAT; + } + + //Check ipV4Str has '.' at the end of IP address (Last dot in IPv4 address) + if (ipV4Str[ipV4Str.length -1] == ".") { + throw ZaIPUtil.ERROR_IP_FORMAT; + } + + //Invalid IPv4 address that has two or more adjacent dot + for(var i = 0; i < ipV4Str.length - 1; i++) { + if (ipV4Str[i] == "." && ipV4Str[i+1] == ".") { + throw ZaIPUtil.ERROR_IP_FORMAT; + } + } + var longValue; for (var i = 0; i < chunks.length; i++) { if (!chunks[i]) @@ -282,6 +299,23 @@ ZaIPUtil.isIPV6 = function (ipV6Str) { throw ZaIPUtil.ERROR_IP_FORMAT; } + //Invalid IPv6 address that has three or more adjacent colon + if (isDottedQuad != -1) { + if (ipCntStr[isDottedQuad + 2] == ":") { + throw ZaIPUtil.ERROR_IP_FORMAT; + } + } + + //':' is at index 0 of IP address (not group zero "::"). Ex: :2001:db8:cafe::1 + if (ipCntStr[0] == ":" && ipCntStr[1] != ":") { + throw ZaIPUtil.ERROR_IP_FORMAT; + } + + // ':' is at the end of IP address (not group zero "::"). Ex: 2001:db8:cafe::1: + if (ipCntStr[ipCntStr.length -1] == ":" && ipCntStr[ipCntStr.length -2] != ":") { + throw ZaIPUtil.ERROR_IP_FORMAT; + } + var chunks = ipCntStr.split(":"); if (chunks.length > 8) throw ZaIPUtil.ERROR_IP_FORMAT; diff --git a/WebRoot/js/zimbraAdmin/servers/controller/ZaServerController.js b/WebRoot/js/zimbraAdmin/servers/controller/ZaServerController.js index b97644921f..feb894a172 100644 --- a/WebRoot/js/zimbraAdmin/servers/controller/ZaServerController.js +++ b/WebRoot/js/zimbraAdmin/servers/controller/ZaServerController.js @@ -173,160 +173,168 @@ function () { return true; } -ZaServerController.prototype.validateMyNetworks = +ZaServerController.prototype.validateMyNetworks = function (params) { - if(!ZaItem.hasWritePermission(ZaServer.A_zimbraMtaMyNetworks,this._currentObject)) { + if(!ZaItem.hasWritePermission(ZaServer.A_zimbraMtaMyNetworks, this._currentObject)) { this.runValidationStack(params); return; - } + } + var obj = this._view.getObject(); - /* if the user never edit the MTA Text field, the attribute doesn't exist. In this case - * we don't use to check the value. Otherwise, if we continue to check, it will report - * a error even the user never edit this item. - */ + + /* If the user never edit the MTA Text field, the attribute doesn't exist. In this case + * we don't use to check the value. Otherwise, if we continue to check, it will report + * an error even the user never edit this item. + */ + if(!obj.attrs.hasOwnProperty(ZaServer.A_zimbraMtaMyNetworks)) { - this.runValidationStack(params); - return; - } + this.runValidationStack(params); + return; + } + //find local networks - var locals = []; - var locals2 = []; + var localIPs = []; + var localIPs2 = []; var numIFs = 0; if(this._currentObject.nifs && this._currentObject.nifs.length) { numIFs = this._currentObject.nifs.length; for (var i = 0; i < numIFs; i++) { - if(this._currentObject.nifs[i] && this._currentObject.nifs[i].attrs && this._currentObject.nifs[i].attrs.addr && this._currentObject.nifs[i].attrs.mask) { - try { - var localIpData = ZaIPUtil.isValidIP(this._currentObject.nifs[i].attrs.addr); - var localiNetBit = ZaIPUtil.getNetBit(this._currentObject.nifs[i].attrs.mask); - var localCIDR = ZaIPUtil.getNetworkAddr(localIpData, localiNetBit); - - var localIpData2 = ZaIPUtil.isValidIP(this._currentObject.nifs[i].attrs.addr); - var localiNetBit2 = ZaIPUtil.getNetBit(this._currentObject.nifs[i].attrs.mask); - var localCIDR2 = ZaIPUtil.getNetworkAddr(localIpData2, localiNetBit2); - locals.push(localCIDR); - locals2.push(localCIDR2); - } catch(ex) { - - } + if (this._currentObject.nifs[i] && this._currentObject.nifs[i].attrs && this._currentObject.nifs[i].attrs.addr && this._currentObject.nifs[i].attrs.mask) { + try { + var localIpData = ZaIPUtil.isValidIP(this._currentObject.nifs[i].attrs.addr); + var localIpData2 = ZaIPUtil.isValidIP(this._currentObject.nifs[i].attrs.addr); + localIPs.push(localIpData); + localIPs2.push(localIpData2); + } catch (ex) { + + } } } - } - + } + var IFCounter = numIFs; - - if(obj.attrs[ZaServer.A_zimbraMtaMyNetworks]) { - obj.attrs[ZaServer.A_zimbraMtaMyNetworks] = AjxStringUtil.trim(obj.attrs[ZaServer.A_zimbraMtaMyNetworks],true); + + if (obj.attrs[ZaServer.A_zimbraMtaMyNetworks]) { + obj.attrs[ZaServer.A_zimbraMtaMyNetworks] = AjxStringUtil.trim(obj.attrs[ZaServer.A_zimbraMtaMyNetworks], true); var chunks = obj.attrs[ZaServer.A_zimbraMtaMyNetworks].split(/[\s,]+/); var cnt = chunks.length; - var masks=[]; + var masks = []; var excludeMasks = []; - var cidrData; - var validStr; - for(var i=0;i2) { - if(chunks[i].indexOf("!")==0) { + var cidrData; + var validStr; + for (var i = 0; i < cnt; i++) { + if (chunks[i] != null && chunks[i].length > 2) { + if (chunks[i].indexOf("!") == 0) { //exclude - validStr = chunks[i].substr(1); - if(chunks[i].indexOf("/")>0) { + validStr = chunks[i].substr(1); + if (chunks[i].indexOf("/") > 0) { //subnet - try { - cidrData = ZaIPUtil.isValidCIDR(validStr); - } catch (ex) { - throw new AjxException(AjxMessageFormat.format(ZaMsg.ERROR_NOT_CIDR,[validStr]),AjxException.INVALID_PARAM,"ZaServerController.prototype.validateMyNetworks"); - } + try { + cidrData = ZaIPUtil.isValidCIDR(validStr); + } catch (ex) { + throw new AjxException(AjxMessageFormat.format(ZaMsg.ERROR_NOT_CIDR, [validStr]), AjxException.INVALID_PARAM, "ZaServerController.prototype.validateMyNetworks"); + } excludeMasks.push(cidrData); - - for(var j=(numIFs-1);j>=0;j--) { - if(ZaIPUtil.isInSubNet(cidrData, locals2[j].ipData)) { - throw new AjxException(AjxMessageFormat.format(ZaMsg.ERROR_LOCAL_ADDR_EXCLUDED,[locals2[j].ipData.src, chunks[i]]),AjxException.INVALID_PARAM,"ZaServerController.prototype.validateMyNetworks"); + + for (var j = (numIFs - 1); j >= 0; j--) { + if (ZaIPUtil.isInSubNet(cidrData, localIPs2[j])) { + throw new AjxException(AjxMessageFormat.format(ZaMsg.ERROR_LOCAL_ADDR_EXCLUDED, [localIPs2[j].src, chunks[i]]), AjxException.INVALID_PARAM, "ZaServerController.prototype.validateMyNetworks"); } - } + } } else { //address - try { - var exIPData = ZaIPUtil.isValidIP(validStr); - } catch (ex) { - throw new AjxException(AjxMessageFormat.format(ZaMsg.ERROR_INVALID_EXCLUDE_ADDR,[validStr]),AjxException.INVALID_PARAM,"ZaServerController.prototype.validateMyNetworks"); - } - - for(var j=(numIFs-1);j>=0;j--) { - var cmpResult = 1; - try { - cmpResult = ZaIPUtil.compareIP(locals2[j].ipData, exIPData); - } catch (ex) { - - } + try { + var exIPData = ZaIPUtil.isValidIP(validStr); + } catch (ex) { + throw new AjxException(AjxMessageFormat.format(ZaMsg.ERROR_INVALID_EXCLUDE_ADDR, [validStr]), AjxException.INVALID_PARAM, "ZaServerController.prototype.validateMyNetworks"); + } + + for (var j = (numIFs - 1); j >= 0; j--) { + var cmpResult = 1; + try { + cmpResult = ZaIPUtil.compareIP(localIPs2[j], exIPData); + } catch (ex) { + + } if(cmpResult === 0) { - throw new AjxException(AjxMessageFormat.format(ZaMsg.ERROR_LOCAL_ADDR_EXCLUDED,[locals2[j].ipData.src,chunks[i]]),AjxException.INVALID_PARAM,"ZaServerController.prototype.validateMyNetworks"); + throw new AjxException(AjxMessageFormat.format(ZaMsg.ERROR_LOCAL_ADDR_EXCLUDED, [localIPs2[j].src, chunks[i]]), AjxException.INVALID_PARAM, "ZaServerController.prototype.validateMyNetworks"); } } } } else { - //include - validStr = chunks[i]; - - // bug ZCS-1549: allow non-CIDR inet addresses - var j = 0; - var ipFound = false; - - while (validStr.search("/") < 0 && j < locals.length) { - if (validStr === locals[j].ipData.src) { - locals.splice(j,1); - IFCounter--; - ipFound = true; - break; - } - j++; - } - - if (ipFound == false) - { - try { - cidrData = ZaIPUtil.isValidCIDR(validStr); - } catch (ex) { - throw new AjxException(AjxMessageFormat.format(ZaMsg.ERROR_NOT_CIDR,[validStr]),AjxException.INVALID_PARAM,"ZaServerController.prototype.validateMyNetworks"); - } - masks.push(cidrData); - - for(var j = (IFCounter-1); j >= 0; j--) { - try { - if(ZaIPUtil.isInSubNet(cidrData, locals[j].ipData) /*&& locals[j].iNetBits <= _obj.iNetBits*/) { - locals.splice(j,1); - IFCounter--; - } - } catch (ex) { - - } - } - } - } - + //include + validStr = chunks[i]; + + //bug ZCS-1549: allow non-CIDR inet addresses + var j = 0; + var ipFound = false; + var isNonCIDR = false; + + if (validStr.search("/") < 0) { + isNonCIDR = true; + try { + var exIPData = ZaIPUtil.isValidIP(validStr); + } catch (ex) { + throw new AjxException(AjxMessageFormat.format(ZaMsg.ERROR_INVALID_EXCLUDE_ADDR, [validStr]), AjxException.INVALID_PARAM, "ZaServerController.prototype.validateMyNetworks"); + } + } + + while (validStr.search("/") < 0 && j < localIPs.length) { + if (validStr === localIPs[j].src) { + localIPs.splice(j, 1); + IFCounter--; + ipFound = true; + break; + } + j++; + } + if (ipFound == false && isNonCIDR == false) { + try { + cidrData = ZaIPUtil.isValidCIDR(validStr); + } catch (ex) { + throw new AjxException(AjxMessageFormat.format(ZaMsg.ERROR_NOT_CIDR, [validStr]), AjxException.INVALID_PARAM, "ZaServerController.prototype.validateMyNetworks"); + } + + masks.push(cidrData); + + for (var j = (IFCounter - 1); j >= 0; j--) { + try { + if (ZaIPUtil.isInSubNet(cidrData, localIPs[j])) { + localIPs.splice(j, 1); + IFCounter--; + } + } catch (ex) { + + } + } + } + } } else { - throw new AjxException(AjxMessageFormat.format(ZaMsg.ERROR_NOT_CIDR,[chunks[i]]),AjxException.INVALID_PARAM,"ZaServerController.prototype.validateMyNetworks"); + throw new AjxException(AjxMessageFormat.format(ZaMsg.ERROR_NOT_CIDR, [chunks[i]]), AjxException.INVALID_PARAM, "ZaServerController.prototype.validateMyNetworks"); } } - - if(chunks.length<1) { + + if (chunks.length < 1) { //error! no valid subnets - throw new AjxException(AjxMessageFormat.format(ZaMsg.ERROR_NO_VALID_SUBNETS,[obj.attrs[ZaServer.A_zimbraMtaMyNetworks]]),AjxException.INVALID_PARAM,"ZaServerController.prototype.validateMyNetworks"); + throw new AjxException(AjxMessageFormat.format(ZaMsg.ERROR_NO_VALID_SUBNETS, [obj.attrs[ZaServer.A_zimbraMtaMyNetworks]]), AjxException.INVALID_PARAM, "ZaServerController.prototype.validateMyNetworks"); } - - //do we have a 127.0.0.0/8 (255.0.0.0) and other local interfaces - if(IFCounter>0) { - //error! missing local interfaces - var missingIfs = []; - for(var ix=0;ix 0) { + //error! missing local interfaces + var missingIfs = []; + for (var ix = 0; ix < IFCounter; ix++) { + missingIfs.push(localIPs[ix].src); } - } + throw new AjxException(AjxMessageFormat.format(ZaMsg.ERROR_MISSING_LOCAL, missingIfs.join(",")), AjxException.INVALID_PARAM, "ZaServerController.prototype.validateMyNetworks"); + } this.runValidationStack(params); + } ZaXFormViewController.preSaveValidationMethods["ZaServerController"].push(ZaServerController.prototype.validateMyNetworks); diff --git a/WebRoot/js/zimbraAdmin/servers/model/ZaServer.js b/WebRoot/js/zimbraAdmin/servers/model/ZaServer.js old mode 100644 new mode 100755 index d05788eca3..997c343f94 --- a/WebRoot/js/zimbraAdmin/servers/model/ZaServer.js +++ b/WebRoot/js/zimbraAdmin/servers/model/ZaServer.js @@ -999,6 +999,7 @@ function(by, val) { var getCurrentVols = soapDoc.set("GetCurrentVolumesRequest", null, null, ZaZimbraAdmin.URN); } var getAllVols = soapDoc.set("GetServerNIfsRequest", null, null, ZaZimbraAdmin.URN); + getAllVols.setAttribute("type", "both"); var server = soapDoc.set("server", _val, getAllVols); server.setAttribute("by", _by); try {