From 79f63ba30a43ec8191938dfee4e9954d1a70a2a2 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko
Date: Tue, 21 Apr 2015 18:37:17 -0700
Subject: Fix: make sure we do not assign broadcast address as an IP to new members.
---
 controller/SqliteNetworkController.cpp | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)
(limited to 'controller')
diff --git a/controller/SqliteNetworkController.cpp b/controller/SqliteNetworkController.cpp
index 38bb796d..655f5c04 100644
--- a/controller/SqliteNetworkController.cpp
+++ b/controller/SqliteNetworkController.cpp
@@ -36,6 +36,7 @@
 #include
 #include
 #include
+#include
 #include "../include/ZeroTierOne.h"
 #include "../node/Constants.hpp"
@@ -497,13 +498,15 @@ NetworkController::ResultCode SqliteNetworkController::doNetworkConfigRequest(co
 if ((ipNetwork)&&(sqlite3_column_bytes(_sGetIpAssignmentPools,0) >= 4)&&(ipNetmaskBits > 0)&&(ipNetmaskBits < 32)) {
 uint32_t n = Utils::ntoh(*((const uint32_t *)ipNetwork)); // network in host byte order e.g. 192.168.0.0
 uint32_t m = 0xffffffff << (32 - ipNetmaskBits); // netmask e.g. 0xffffff00 for '24' since 32 - 24 == 8
+ n &= m; // sanity check -- ipNetwork bits right of netmask bit count should be zero
 uint32_t im = ~m; // inverse mask, e.g. 0x000000ff for a netmask of 0xffffff00
 uint32_t abits = (uint32_t)(identity.address().toInt() & 0xffffffff); // least significant bits of member ZT address
 for(uint32_t k=0;k<=im;++k) { // try up to the number of IPs possible in this network
- uint32_t ip = ( ((abits + k) & im) | (n & m) ); // build IP using bits from ZT address of member + k
- if ((ip & 0x000000ff) == 0x00) continue; // no IPs ending in .0 allowed
- if ((ip & 0x000000ff) == 0xff) continue; // no IPs ending in .255 allowed
+ uint32_t ip = ( ((abits + k) & im) | n ); // build IP using bits from ZT address of member + k
+ if ((ip & 0xffffff00) == 0) continue; // no IPs ending in .0
+ if (ip == n) continue; // no IPs equal to the network e.g. 10.0.0.0 for 10.0.0.0/255.255.255.0
+ if (ip == (n | im)) continue; // broadcast address e.g. 10.0.0.255 for 10.0.0.0/255.255.255.0
 uint32_t nip = Utils::hton(ip); // IP in big-endian "network" byte order
 sqlite3_reset(_sCheckIfIpIsAllocated);
-- 
cgit v1.2.3
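Review bot: The new `.0` guard `if ((ip & 0xffffff00) == 0) continue;` masks the upper 24 bits instead of the last octet, so it does not do what its comment says. As written it only skips addresses whose first three octets are all zero, so in a pool wider than /24 an address ending in .0 is still assigned (constructed example: 10.0.1.0 in 10.0.0.0/16 passes all three checks). If the policy is still "no IPs ending in .0", the line should be `if ((ip & 0x000000ff) == 0) continue; // no IPs ending in .0`. If only the real network and broadcast addresses are meant to be excluded, the two checks that follow already cover that, and this line and its comment should be removed so the assignment policy is unambiguous. The body of doNetworkConfigRequest starts and ends outside this hunk.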