From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) by lore.proxmox.com (Postfix) with ESMTPS id 7759D1FF146 for ; Tue, 12 May 2026 13:21:45 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 80F4DF72A; Tue, 12 May 2026 13:21:41 +0200 (CEST) From: Gabriel Goller To: pve-devel@lists.proxmox.com Subject: [PATCH pve-common 1/4] jsonschema: add full-range CIDR JSON schema formats Date: Tue, 12 May 2026 13:21:20 +0200 Message-ID: <20260512112129.224619-2-g.goller@proxmox.com> X-Mailer: git-send-email 2.47.3 In-Reply-To: <20260512112129.224619-1-g.goller@proxmox.com> References: <20260512112129.224619-1-g.goller@proxmox.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Bm-Milter-Handled: 55990f41-d878-4baa-be0a-ee34c49e34d2 X-Bm-Transport-Timestamp: 1778584782353 X-SPAM-LEVEL: Spam detection results: 0 AWL 0.028 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [jsonschema.pm] Message-ID-Hash: YKLZUU4C2OYJGMEP5HUVR3ESMOV73FWU X-Message-ID-Hash: YKLZUU4C2OYJGMEP5HUVR3ESMOV73FWU X-MailFrom: g.goller@proxmox.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header X-Mailman-Version: 3.3.10 Precedence: list List-Id: Proxmox VE development discussion List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: Add IPv4, IPv6, and generic CIDR validators that allow the full prefix range, including /0. Don't change the existing CIDR validators. Signed-off-by: Gabriel Goller --- src/PVE/JSONSchema.pm | 39 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) diff --git a/src/PVE/JSONSchema.pm b/src/PVE/JSONSchema.pm index 1997c703d725..58b86874b0d6 100644 --- a/src/PVE/JSONSchema.pm +++ b/src/PVE/JSONSchema.pm @@ -590,6 +590,45 @@ sub pve_verify_cidr { return $cidr; } +register_format('FullRangeCIDRv6', \&pve_verify_fullrangecidrv6); + +sub pve_verify_fullrangecidrv6 { + my ($cidr, $noerr) = @_; + + if ($cidr =~ m!^(?:$IPV6RE)(?:/(\d+))$! && ($1 >= 0) && ($1 <= 128)) { + return $cidr; + } + + return undef if $noerr; + die "value does not look like a valid IPv6 CIDR network\n"; +} + +register_format('FullRangeCIDRv4', \&pve_verify_fullrangecidrv4); + +sub pve_verify_fullrangecidrv4 { + my ($cidr, $noerr) = @_; + + if ($cidr =~ m!^(?:$IPV4RE)(?:/(\d+))$! && ($1 >= 0) && ($1 <= 32)) { + return $cidr; + } + + return undef if $noerr; + die "value does not look like a valid IPv4 CIDR network\n"; +} + +register_format('FullRangeCIDR', \&pve_verify_fullrangecidr); + +sub pve_verify_fullrangecidr { + my ($cidr, $noerr) = @_; + + if (!(pve_verify_fullrangecidrv4($cidr, 1) || pve_verify_fullrangecidrv6($cidr, 1))) { + return undef if $noerr; + die "value does not look like a valid CIDR network\n"; + } + + return $cidr; +} + register_format('pve-ipv4-config', \&pve_verify_ipv4_config); sub pve_verify_ipv4_config { -- 2.47.3