Re: Issue #4206 - Firewall port list or range not possible #132

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Re: Issue #4206 - Firewall port list or range not possible #132

Norbert Schulze

Somehow this mail came not through to the mailing list the first time:

 

Any number between 1 and 65535 is valid or any range by these numbers seperated by hyphen or any combination of these seperated by comma.

Is validation necessary? I have only seen this validation where only specific words are allowed.

 

E.g. registry extension doesn't check the parameters.

Also the current firewall port code doesn't check if the number is between 1 and 65535.

 

From: Rob Mensching [mailto:[hidden email]]
Sent: Sunday, January 4, 2015 02:50 AM
To: WiX toolset developer mailing list
Subject: Re: [WiX-devs] Issue #4206 - Firewall port list or range not possible #132

 

Left my one comment. Is there really no validation of the port list required?

 

_______________________________________________________________

FireGiant  |  Dedicated support for the WiX toolset  |  http://www.firegiant.com/

 

From: Norbert Schulze [[hidden email]]
Sent: Thursday, December 11, 2014 11:42 AM
To: 'WiX toolset developer mailing list'
Subject: [WiX-devs] Issue #4206 - Firewall port list or range not possible #132

 

Is there any chance that my pull request will be included in wix3 and wix4 in the near future?

 

https://github.com/wixtoolset/wix3/pull/132

 

Regards, Norbert


------------------------------------------------------------------------------
New Year. New Location. New Benefits. New Data Center in Ashburn, VA.
GigeNET is offering a free month of service with a new server in Ashburn.
Choose from 2 high performing configs, both with 100TB of bandwidth.
Higher redundancy.Lower latency.Increased capacity.Completely compliant.
http://p.sf.net/sfu/gigenet
_______________________________________________
WiX-devs mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/wix-devs
Reply | Threaded
Open this post in threaded view
|

Re: Issue #4206 - Firewall port list or range not possible #132

Rob Mensching-7

If there is no validation, how does someone know what the correct values are? There were no updates to the XSD for documentation purposes. Moreover, since the firewall allows lots of interesting patterns there are a lot more ways to go wrong adding even more value to the validation.

 

I don’t know what you mean by “registry extension”.

 

Finally, I’d bet dollars to donuts the current firewall code didn’t validate the port range because the person that wrote the code initially didn’t know there was an allowed range.

 

Ultimately, the goal should be to make the code better. If you want to say that validating the values is the wrong thing to do, we should have that debate. If you want to say you don’t want to do the work, then fine. However, let’s not argue that since useful validation was absent before that we should not add the validation now, cool?

 

_______________________________________________________________

FireGiant  |  Dedicated support for the WiX toolset  |  http://www.firegiant.com/

 

From: Norbert Schulze [mailto:[hidden email]]
Sent: Tuesday, January 20, 2015 12:04 PM
To: 'WiX toolset developer mailing list'
Subject: Re: [WiX-devs] Issue #4206 - Firewall port list or range not possible #132

 

Somehow this mail came not through to the mailing list the first time:

 

Any number between 1 and 65535 is valid or any range by these numbers seperated by hyphen or any combination of these seperated by comma.

Is validation necessary? I have only seen this validation where only specific words are allowed.

 

E.g. registry extension doesn't check the parameters.

Also the current firewall port code doesn't check if the number is between 1 and 65535.

 

From: Rob Mensching [[hidden email]]
Sent: Sunday, January 4, 2015 02:50 AM
To: WiX toolset developer mailing list
Subject: Re: [WiX-devs] Issue #4206 - Firewall port list or range not possible #132

 

Left my one comment. Is there really no validation of the port list required?

 

_______________________________________________________________

FireGiant  |  Dedicated support for the WiX toolset  |  http://www.firegiant.com/

 

From: Norbert Schulze [[hidden email]]
Sent: Thursday, December 11, 2014 11:42 AM
To: 'WiX toolset developer mailing list'
Subject: [WiX-devs] Issue #4206 - Firewall port list or range not possible #132

 

Is there any chance that my pull request will be included in wix3 and wix4 in the near future?

 

https://github.com/wixtoolset/wix3/pull/132

 

Regards, Norbert


------------------------------------------------------------------------------
Dive into the World of Parallel Programming. The Go Parallel Website,
sponsored by Intel and developed in partnership with Slashdot Media, is your
hub for all things parallel software development, from weekly thought
leadership blogs to news, videos, case studies, tutorials and more. Take a
look and join the conversation now. http://goparallel.sourceforge.net/
_______________________________________________
WiX-devs mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/wix-devs
Reply | Threaded
Open this post in threaded view
|

Re: Issue #4206 - Firewall port list or range not possible #132

Bob Arnson-6
On 26-Jan-15 19:06, Rob Mensching wrote:
Finally, I’d bet dollars to donuts the current firewall code didn’t validate the port range because the person that wrote the code initially didn’t know there was an allowed range.
I'll take that bet. The reason there's little validation is that originally, port was a single integer -- but it could be a formatted string. The firewall API gives feedback on each attribute of the firewall rule.

There's also the question of which rules to validate against (XP's or Vista's).

Dollars, please.
-- 
sig://boB
http://joyofsetup.com/

------------------------------------------------------------------------------
Dive into the World of Parallel Programming. The Go Parallel Website,
sponsored by Intel and developed in partnership with Slashdot Media, is your
hub for all things parallel software development, from weekly thought
leadership blogs to news, videos, case studies, tutorials and more. Take a
look and join the conversation now. http://goparallel.sourceforge.net/
_______________________________________________
WiX-devs mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/wix-devs
Reply | Threaded
Open this post in threaded view
|

Re: Issue #4206 - Firewall port list or range not possible #132

Norbert Schulze
In reply to this post by Rob Mensching-7

You are right, validation is a good thing, but I have not enough WiX programming knowledge/skills to program the parameter validation.

Also I have added the missing ReleaseStr to my original pull request and have signed the assignment agreement on January 8.

 

From: Rob Mensching [mailto:[hidden email]]
Sent: Tuesday, January 27, 2015 1:06 AM
To: WiX toolset developer mailing list
Subject: Re: [WiX-devs] Issue #4206 - Firewall port list or range not possible #132

 

If there is no validation, how does someone know what the correct values are? There were no updates to the XSD for documentation purposes. Moreover, since the firewall allows lots of interesting patterns there are a lot more ways to go wrong adding even more value to the validation.

 

I don’t know what you mean by “registry extension”.

 

Finally, I’d bet dollars to donuts the current firewall code didn’t validate the port range because the person that wrote the code initially didn’t know there was an allowed range.

 

Ultimately, the goal should be to make the code better. If you want to say that validating the values is the wrong thing to do, we should have that debate. If you want to say you don’t want to do the work, then fine. However, let’s not argue that since useful validation was absent before that we should not add the validation now, cool?

 

_______________________________________________________________

FireGiant  |  Dedicated support for the WiX toolset  |  http://www.firegiant.com/

 

From: Norbert Schulze [[hidden email]]
Sent: Tuesday, January 20, 2015 12:04 PM
To: 'WiX toolset developer mailing list'
Subject: Re: [WiX-devs] Issue #4206 - Firewall port list or range not possible #132

 

Somehow this mail came not through to the mailing list the first time:

 

Any number between 1 and 65535 is valid or any range by these numbers seperated by hyphen or any combination of these seperated by comma.

Is validation necessary? I have only seen this validation where only specific words are allowed.

 

E.g. registry extension doesn't check the parameters.

Also the current firewall port code doesn't check if the number is between 1 and 65535.

 

From: Rob Mensching [[hidden email]]
Sent: Sunday, January 4, 2015 02:50 AM
To: WiX toolset developer mailing list
Subject: Re: [WiX-devs] Issue #4206 - Firewall port list or range not possible #132

 

Left my one comment. Is there really no validation of the port list required?

 

_______________________________________________________________

FireGiant  |  Dedicated support for the WiX toolset  |  http://www.firegiant.com/

 

From: Norbert Schulze [[hidden email]]
Sent: Thursday, December 11, 2014 11:42 AM
To: 'WiX toolset developer mailing list'
Subject: [WiX-devs] Issue #4206 - Firewall port list or range not possible #132

 

Is there any chance that my pull request will be included in wix3 and wix4 in the near future?

 

https://github.com/wixtoolset/wix3/pull/132

 

Regards, Norbert


------------------------------------------------------------------------------
Dive into the World of Parallel Programming. The Go Parallel Website,
sponsored by Intel and developed in partnership with Slashdot Media, is your
hub for all things parallel software development, from weekly thought
leadership blogs to news, videos, case studies, tutorials and more. Take a
look and join the conversation now. http://goparallel.sourceforge.net/
_______________________________________________
WiX-devs mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/wix-devs