[pve-devel] [PATCH common 1/3] fix #3893: network: make bridge vids configurable

[Aaron Lauterer]

For that we need to add a new format option that checks against valid
VLAN tags and ranges, for example: 2 4 100-200

The check, if the default value should be used, needs to fail not just
when not defined, but also in case it is an empty string.

Signed-off-by: Aaron Lauterer <a.lauterer at proxmox.com>
---

Notes:
    I think replacing the 'defined' check with 'length' should be fine.
    We need to also handle the situation that the parameter is defined,
    but an empty string. There should be no autovivification happening.
    If I missed a side effect, let me know.
    
    For the new format option I went with singular for the name as it
    only checks a single VLAN ID/range from the list, 'pve-bridge-vid',
    but I am not sure if it wouldn't be better to call it the actual
    parameter name 'pve-bridge-vids'.

 src/PVE/INotify.pm    |  2 +-
 src/PVE/JSONSchema.pm | 32 ++++++++++++++++++++++++++++++++
 2 files changed, 33 insertions(+), 1 deletion(-)

diff --git a/src/PVE/INotify.pm b/src/PVE/INotify.pm
index bc33a8f..14f40ac 100644
--- a/src/PVE/INotify.pm
+++ b/src/PVE/INotify.pm
@@ -1270,7 +1270,7 @@ sub __interface_to_string {
 
 	if (defined($d->{bridge_vlan_aware})) {
 	    $raw .= "\tbridge-vlan-aware yes\n";
-	    my $vlans = defined($d->{bridge_vids}) ? $d->{bridge_vids} : "2-4094";
+	    my $vlans = length($d->{bridge_vids}) ? $d->{bridge_vids} : "2-4094";
 	    $raw .= "\tbridge-vids $vlans\n";
 	}
 	$done->{bridge_vlan_aware} = 1;
diff --git a/src/PVE/JSONSchema.pm b/src/PVE/JSONSchema.pm
index 527e409..d81a567 100644
--- a/src/PVE/JSONSchema.pm
+++ b/src/PVE/JSONSchema.pm
@@ -78,6 +78,12 @@ register_standard_option('pve-iface', {
     minLength => 2, maxLength => 20,
 });
 
+register_standard_option('pve-bridge-vid', {
+    description => "Bridge VLAN ID.",
+    type => 'string', format => 'pve-bridge-vid',
+    minLength => 1, maxLength => 9,
+});
+
 register_standard_option('pve-storage-id', {
     description => "The storage identifier.",
     type => 'string', format => 'pve-storage-id',
@@ -588,6 +594,32 @@ sub pve_verify_iface {
     return $id;
 }
 
+# bridge vlan id (vids)
+register_format('pve-bridge-vid', \&pve_verify_bridge_vid);
+sub pve_verify_bridge_vid {
+    my ($vlan, $noerr) = @_;
+
+    my $check_vid = sub {
+	my $id = shift;
+	if ( $id < 2 || $id > 4094) {
+	    return undef if $noerr;
+	    die "invalid VLAN tag '$id'\n";
+	}
+    };
+
+    if ($vlan !~ m/^(\d+)([-](\d+))?$/i) {
+	return undef if $noerr;
+	die "invalid VLAN configuration '$vlan'\n";
+    }
+    $check_vid->($1);
+    if ($3) {
+	$check_vid->($3);
+	die "VLAN range must go from lower to higher tag '$vlan'" if $1 > $3 && !$noerr;
+    }
+
+    return $vlan;
+}
+
 # general addresses by name or IP
 register_format('address', \&pve_verify_address);
 sub pve_verify_address {
-- 
2.30.2