From d1a306a021d4c07d396ff979085de83a89fb0e0f Mon Sep 17 00:00:00 2001 From: travisladuke Date: Thu, 22 Feb 2024 09:04:28 -0800 Subject: [PATCH] Prevent creating members on non-existent networks. ```sh curl -s -X POST "http://localhost:9993/controller/network/abcdabcdabcdabcd/member/1122334455" ``` Would return 200 and ZT_HOME/controller.d/abcdabcdabcdabcd/members/1122334455 would be created. Without a ZT_HOME/controller.d/abcdabcdabcdabcd.json Then other parts of the system mistakenly think a abcdabcdabcdabcd network sorta kinda exists and then fail in weird ways. --- controller/EmbeddedNetworkController.cpp | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/controller/EmbeddedNetworkController.cpp b/controller/EmbeddedNetworkController.cpp index f808e0608..a83894644 100644 --- a/controller/EmbeddedNetworkController.cpp +++ b/controller/EmbeddedNetworkController.cpp @@ -969,7 +969,7 @@ void EmbeddedNetworkController::configureHTTPControlPlane( sv6.Get(networkPath, networkGet); auto createNewNetwork = [&, setContent](const httplib::Request &req, httplib::Response &res) { - fprintf(stderr, "creating new network (new style)\n"); + // fprintf(stderr, "creating new network (new style)\n"); uint64_t nwid = 0; uint64_t nwidPrefix = (Utils::hexStrToU64(_signingIdAddressString.c_str()) << 24) & 0xffffffffff000000ULL; uint64_t nwidPostfix = 0; @@ -1136,6 +1136,12 @@ void EmbeddedNetworkController::configureHTTPControlPlane( auto memberID = req.matches[2].str(); uint64_t nwid = Utils::hexStrToU64(networkID.c_str()); uint64_t memid = Utils::hexStrToU64(memberID.c_str()); + + if (!_db.hasNetwork(nwid)) { + res.status = 404; + return; + } + json network; json member; _db.get(nwid, network, memid, member);