[pve-devel] [PATCH manager] api: ceph: mon create: remove superfluous verification call

Fiona Ebner f.ebner at proxmox.com
Mon Apr 3 11:35:16 CEST 2023

The pve_verify_cidr{,v4,v6} functions were originally intended for
the /etc/network/interfaces API endpoints and thus are a bit
restrictive. For example, as reported in the community forum[0],
pve_verify_cidr() does not consider '0::/0' and '0::/1' to be valid.

The error message in this scenario being
> value does not look like a valid CIDR network
is also confusing, as the first thought of users will be that it comes
from the passed-in monitor address.

The public networks are not written here and read from the Ceph config
and via a RADOS mon command, so no need to try and verify them. If
something really would go wrong during parsing, the
get_local_ip_from_cidr() call would complain afterwards.

[0]: https://forum.proxmox.com/threads/125226/

Suggested-by: Wolfgang Bumiller <w.bumiller at proxmox.com>
Signed-off-by: Fiona Ebner <f.ebner at proxmox.com>
 PVE/API2/Ceph/MON.pm | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/PVE/API2/Ceph/MON.pm b/PVE/API2/Ceph/MON.pm
index 7f252875..1e959ef3 100644
--- a/PVE/API2/Ceph/MON.pm
+++ b/PVE/API2/Ceph/MON.pm
@@ -56,8 +56,6 @@ my $find_mon_ips = sub {
     if (!scalar(@{$overwrite_ips})) { # auto-select one address for each public network
 	for my $net (@{$public_nets}) {
-	    $net = PVE::JSONSchema::pve_verify_cidr($net);
 	    my $allowed_ips = PVE::Network::get_local_ip_from_cidr($net);
 	    $allowed_ips = PVE::Network::unique_ips($allowed_ips);
@@ -75,8 +73,6 @@ my $find_mon_ips = sub {
 	my $allowed_list = [];
 	for my $net (@{$public_nets}) {
-	    $net = PVE::JSONSchema::pve_verify_cidr($net);
 	    push @{$allowed_list}, @{PVE::Network::get_local_ip_from_cidr($net)};

More information about the pve-devel mailing list