feat(ec2): peer cidr ip validation #3642
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
nmussy
commented
Aug 13, 2019
| @@ -112,6 +122,16 @@ class CidrIPv6 implements IPeer { | |||
| public readonly uniqueId: string; | |||
|
|
|||
| constructor(private readonly cidrIpv6: string) { | |||
| const cidrMatch = cidrIpv6.match(/^([\da-f]{0,4}:){2,7}([\da-f]{0,4})?(\/\d+)?$/); | |||
There was a problem hiding this comment.
I used some fairly loose RegExps, especially for IPv6. The stricter ones tend to become a little crazy
rix0rrr
previously requested changes
Aug 19, 2019
| } | ||
|
|
||
| if (!cidrMatch[2]) { | ||
| throw new Error(`CIDR mask is missing in IPv4: "${cidrIp}". Did you mean "${cidrIp}/xx"?`); |
There was a problem hiding this comment.
I feel it makes more sense to replace /xx with /32 in the error message. If people wrote a single IP address, that's probably what they meant, and if they didn't it's clear enough where to substitute values to make it do what they want.
I considered automatically adding /32 to the IP address, but we should probably make a separate class for single IP addresses.
There was a problem hiding this comment.
we should probably make a separate class for single IP addresses.
I like that idea. We could also deprecate ipv4/v6 and explicitly name them ipv4Cidr
| @@ -77,6 +77,16 @@ class CidrIPv4 implements IPeer { | |||
| public readonly uniqueId: string; | |||
|
|
|||
| constructor(private readonly cidrIp: string) { | |||
| const cidrMatch = cidrIp.match(/^(\d{1,3}\.){3}\d{1,3}(\/\d+)?$/); | |||
There was a problem hiding this comment.
I guess to be safe this needs a if (!cdk.Token.isUnresolved(cidrIp)) { ... } block around the checks, same for the IPv6 version.
| } | ||
|
|
||
| if (!cidrMatch[3]) { | ||
| throw new Error(`CIDR mask is missing in IPv6: "${cidrIpv6}". Did you mean "${cidrIpv6}/xx"?`); |
Pull Request Checklist
|
1 similar comment
Pull Request Checklist
|
rix0rrr
approved these changes
Aug 22, 2019
|
Thank you for contributing! Your pull request is now being automatically merged. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes #3639
Please read the contribution guidelines and follow the pull-request checklist.
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license