* [pve-devel] [PATCH v2 storage] storage migration: insecure: improve logging
@ 2021-02-11 10:24 Fabian Ebner
2021-02-19 14:32 ` [pve-devel] applied: " Thomas Lamprecht
0 siblings, 1 reply; 2+ messages in thread
From: Fabian Ebner @ 2021-02-11 10:24 UTC (permalink / raw)
To: pve-devel
by including the message/error from the remote side. Some people on the forum[0]
ran into 'no tunnel IP received', but without information from the remote side
it's hard to tell why.
[0]: https://forum.proxmox.com/threads/failed-no-tunnel-ip-received.80172
Signed-off-by: Fabian Ebner <f.ebner@proxmox.com>
---
Changes from v1:
* keep in capturing regexes to untaint
PVE/Storage.pm | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/PVE/Storage.pm b/PVE/Storage.pm
index 22a6ef1..8ee2c92 100755
--- a/PVE/Storage.pm
+++ b/PVE/Storage.pm
@@ -758,8 +758,14 @@ sub storage_migrate {
or die "receive command failed: $!\n";
close($input);
- my ($ip) = <$info> =~ /^($PVE::Tools::IPRE)$/ or die "no tunnel IP received\n";
- my ($port) = <$info> =~ /^(\d+)$/ or die "no tunnel port received\n";
+ my $try_ip = <$info> // '';
+ my ($ip) = $try_ip =~ /^($PVE::Tools::IPRE)$/ # untaint
+ or die "no tunnel IP received, got '$try_ip'\n";
+
+ my $try_port = <$info> // '';
+ my ($port) = $try_port =~ /^(\d+)$/ # untaint
+ or die "no tunnel port received, got '$try_port'\n";
+
my $socket = IO::Socket::IP->new(PeerHost => $ip, PeerPort => $port, Type => SOCK_STREAM)
or die "failed to connect to tunnel at $ip:$port\n";
# we won't be reading from the socket
--
2.20.1
^ permalink raw reply [flat|nested] 2+ messages in thread
* [pve-devel] applied: [PATCH v2 storage] storage migration: insecure: improve logging
2021-02-11 10:24 [pve-devel] [PATCH v2 storage] storage migration: insecure: improve logging Fabian Ebner
@ 2021-02-19 14:32 ` Thomas Lamprecht
0 siblings, 0 replies; 2+ messages in thread
From: Thomas Lamprecht @ 2021-02-19 14:32 UTC (permalink / raw)
To: Proxmox VE development discussion, Fabian Ebner
On 11.02.21 11:24, Fabian Ebner wrote:
> by including the message/error from the remote side. Some people on the forum[0]
> ran into 'no tunnel IP received', but without information from the remote side
> it's hard to tell why.
>
> [0]: https://forum.proxmox.com/threads/failed-no-tunnel-ip-received.80172
>
> Signed-off-by: Fabian Ebner <f.ebner@proxmox.com>
> ---
>
> Changes from v1:
> * keep in capturing regexes to untaint
>
> PVE/Storage.pm | 10 ++++++++--
> 1 file changed, 8 insertions(+), 2 deletions(-)
>
>
applied, thanks!
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2021-02-19 14:32 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-02-11 10:24 [pve-devel] [PATCH v2 storage] storage migration: insecure: improve logging Fabian Ebner
2021-02-19 14:32 ` [pve-devel] applied: " Thomas Lamprecht
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal