From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) by lore.proxmox.com (Postfix) with ESMTPS id 20B731FF14C for ; Fri, 12 Jun 2026 14:19:10 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id C5486120E6; Fri, 12 Jun 2026 14:19:08 +0200 (CEST) MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit Subject: Re: [PATCH pve-network 5/9] fix #7294: sdn: register api formats for zones and vnets From: Gabriel Goller To: David Riley In-Reply-To: <20260611145935.147788-6-d.riley@proxmox.com> References: <20260611145935.147788-1-d.riley@proxmox.com> <20260611145935.147788-6-d.riley@proxmox.com> Date: Fri, 12 Jun 2026 14:18:23 +0200 Message-Id: <178126670392.718919.12595073108998221237.b4-review@b4> X-Mailer: b4 0.16-dev X-Bm-Milter-Handled: 55990f41-d878-4baa-be0a-ee34c49e34d2 X-Bm-Transport-Timestamp: 1781266663440 X-SPAM-LEVEL: Spam detection results: 0 AWL 0.028 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [vnetplugin.pm,plugin.pm] Message-ID-Hash: RBCOHIAGRIPA7D337OOYZHYKYXEVDYDO X-Message-ID-Hash: RBCOHIAGRIPA7D337OOYZHYKYXEVDYDO X-MailFrom: g.goller@proxmox.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: pve-devel@lists.proxmox.com X-Mailman-Version: 3.3.10 Precedence: list List-Id: Proxmox VE development discussion List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: Generally on this series: What was your rationale on adding the vlan tag? IMO having `vnet///` doesn't really make sense, as not all vnets have a tag property, and it's also not always a vlan e.g. EVPN vnets have a vni-tag property. One small comment inline as well. > [snip] > diff --git a/src/PVE/Network/SDN/VnetPlugin.pm b/src/PVE/Network/SDN/VnetPlugin.pm > index e04157573083..2299b46601c2 100644 > --- a/src/PVE/Network/SDN/VnetPlugin.pm > +++ b/src/PVE/Network/SDN/VnetPlugin.pm > @@ -16,17 +16,34 @@ PVE::Cluster::cfs_register_file( > sub { __PACKAGE__->write_config(@_); }, > ); > > +my $sdn_vnet_id_pattern = '[a-zA-Z][a-zA-Z0-9]*[a-zA-Z0-9]'; > +my $vnet_min_length = 2; > +my $vnet_max_length = 8; > + > PVE::JSONSchema::register_standard_option( > 'pve-sdn-vnet-id', > { > description => "The SDN vnet object identifier.", > type => 'string', > - pattern => '[a-zA-Z][a-zA-Z0-9]*[a-zA-Z0-9]', > - minLength => 2, > - maxLength => 8, > + pattern => $sdn_vnet_id_pattern, > + minLength => $vnet_min_length, > + maxLength => $vnet_max_length, > }, > ); > > +sub pve_verify_sdn_vnet_id { > + my ($vnet, $noerr) = @_; > + > + if ($vnet !~ m/^$sdn_vnet_id_pattern$/) { > + return undef if $noerr; > + die "invalid SDN VNet '$vnet' - must be $vnet_min_length-$vnet_max_length characters" > + . " long, start with a letter, and contain only alphanumeric characters\n"; > + } > + return $vnet; > +} I think this is missing a min/max lenght check? > + > +PVE::JSONSchema::register_format('pve-sdn-vnet-id', \&pve_verify_sdn_vnet_id); > + > my $defaultData = { > > propertyList => { > diff --git a/src/PVE/Network/SDN/Zones/Plugin.pm b/src/PVE/Network/SDN/Zones/Plugin.pm > index 74a3384cd7ae..cd761e0448c3 100644 > --- a/src/PVE/Network/SDN/Zones/Plugin.pm > +++ b/src/PVE/Network/SDN/Zones/Plugin.pm > @@ -19,17 +19,34 @@ PVE::Cluster::cfs_register_file( > sub { __PACKAGE__->write_config(@_); }, > ); > > +my $sdn_zone_id_pattern = '[a-zA-Z][a-zA-Z0-9]*[a-zA-Z0-9]'; > +my $zone_min_length = 2; > +my $zone_max_length = 8; > + > PVE::JSONSchema::register_standard_option( > 'pve-sdn-zone-id', > { > description => "The SDN zone object identifier.", > type => 'string', > - pattern => '[a-zA-Z][a-zA-Z0-9]*[a-zA-Z0-9]', > - minLength => 2, > - maxLength => 8, > + pattern => $sdn_zone_id_pattern, > + minLength => $zone_min_length, > + maxLength => $zone_max_length, > }, > ); > > +sub pve_verify_sdn_zone_id { > + my ($zone, $noerr) = @_; > + > + if ($zone !~ m/^$sdn_zone_id_pattern$/) { > + return undef if $noerr; > + die "invalid SDN zone '$zone' - must be $zone_min_length-$zone_max_length characters" > + . " long, start with a letter, and contain only alphanumeric characters\n"; > + } > + return $zone; > +} Here as well. -- Gabriel Goller