From e1d3fd0b29a1178e775cbc86f6c0011a682506ba Mon Sep 17 00:00:00 2001
From: Christian Poessinger <christian@poessinger.com>
Date: Thu, 22 Sep 2022 19:38:14 +0200
Subject: xml: T4698: validating a range must be explicitly enabled in the
 validator

This extends commit 28573ffe4f ("xml: T4698: drop validator name="range" and
replace it with numeric"). The first version allowed both a range and discrete
numbers to be validated by the numeric validator.

This had a flaw as both 22 and 22-30 were valid at the same time. The generic
"port-number.xml.i" building block only allows a discrete number. Now if a user
set port 22-30 for e.g. SSH the daemon did no longer start. This is why range
validation must be explicitly enabled.
---
 interface-definitions/include/firewall/packet-length.xml.i | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'interface-definitions/include/firewall/packet-length.xml.i')

diff --git a/interface-definitions/include/firewall/packet-length.xml.i b/interface-definitions/include/firewall/packet-length.xml.i
index 91f08314a..fd2eb67b0 100644
--- a/interface-definitions/include/firewall/packet-length.xml.i
+++ b/interface-definitions/include/firewall/packet-length.xml.i
@@ -11,7 +11,7 @@
       <description>Packet length range to match</description>
     </valueHelp>
     <constraint>
-      <validator name="numeric" argument="--range 1-65535"/>
+      <validator name="numeric" argument="--allow-range --range 1-65535"/>
     </constraint>
     <multi/>
   </properties>
@@ -28,7 +28,7 @@
       <description>Packet length range not to match</description>
     </valueHelp>
     <constraint>
-      <validator name="numeric" argument="--range 1-65535"/>
+      <validator name="numeric" argument="--allow-range --range 1-65535"/>
     </constraint>
     <multi/>
   </properties>
-- 
cgit v1.2.3