summaryrefslogtreecommitdiff
path: root/controller
diff options
context:
space:
mode:
Diffstat (limited to 'controller')
-rw-r--r--controller/SqliteNetworkController.cpp4
-rwxr-xr-xcontroller/controller-api-test.sh42
2 files changed, 4 insertions, 42 deletions
diff --git a/controller/SqliteNetworkController.cpp b/controller/SqliteNetworkController.cpp
index b9aebbb8..71978830 100644
--- a/controller/SqliteNetworkController.cpp
+++ b/controller/SqliteNetworkController.cpp
@@ -243,6 +243,10 @@ NetworkController::ResultCode SqliteNetworkController::doNetworkConfigRequest(co
netconf["error"] = "signing identity invalid or lacks private key";
return NetworkController::NETCONF_QUERY_INTERNAL_SERVER_ERROR;
}
+ if (signingId.address().toInt() != (nwid >> 24)) {
+ netconf["error"] = "signing identity address does not match most significant 40 bits of network ID";
+ return NetworkController::NETCONF_QUERY_INTERNAL_SERVER_ERROR;
+ }
NetworkRecord network;
memset(&network,0,sizeof(network));
diff --git a/controller/controller-api-test.sh b/controller/controller-api-test.sh
deleted file mode 100755
index 934685b3..00000000
--- a/controller/controller-api-test.sh
+++ /dev/null
@@ -1,42 +0,0 @@
-#!/bin/bash
-
-if [ "$#" -ne "2" ]; then
- echo 'Usage: controller-api-test.sh <network ID to create> <local TCP port for HTTP API>'
- exit 1
-fi
-
-network_json=$(cat <<EOF
-{
- name: "test network",
- private: true,
- v4AssignMode: "zt",
- v6AssignMode: "none",
- multicastLimit: 100,
- ipAssignmentPools: [
- {
- network: "10.1.2.0",
- netmaskBits: 24
- }
- ],
- rules: [
- {
- ruleId: 100,
- etherType: 0x0800,
- action: "accept"
- },
- {
- ruleId: 200,
- etherType: 0x0806,
- action: "accept"
- },
- {
- ruleId: 300,
- etherType: 0x86dd,
- action: "accept"
- }
- ]
-}
-EOF
-)
-
-echo "$network_json" | curl -d - -v "http://127.0.0.1:$2/controller/network/$1"
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-25 22:53:31 +0000