P1: Add comprehensive input validation

[BadgerOps]

Missing Input Validation

Priority: P1 - High
Estimate: 3 hours
Review Reference: REVIEW.md (P1-1)

Issue

Several input validation gaps exist:

1. CIDR Validation Incomplete (internal/http/server.go:829-837)

   • Doesn't check for reserved ranges (0.0.0.0/8, 127.0.0.0/8, 240.0.0.0/4)
   • No broadcast address checks
   • No maximum prefix length constraints

2. Account Key Not Validated (internal/http/server.go:544-549)

   • No format validation (should match pattern like "aws:123456789012")
   • No length constraints
   • No character whitelist

3. Name Field Length Not Constrained

   • Pool names and account names have no max length
   • Could lead to storage/display issues

Impact: Medium - Could allow invalid data into system

Solution

Create internal/validation package with:

• ValidateCIDR() - check reserved ranges, format, constraints
• ValidateAccountKey() - format, length, character validation
• ValidateName() - length constraints, non-empty check

See REVIEW.md (P1-1) for complete implementation.

Acceptance Criteria

• validation package created with comprehensive checks
• CIDR validation rejects reserved ranges
• Account key validation enforces pattern and length
• Name validation enforces max length
• All validators have unit tests
• Handlers updated to use validators
• Error messages are descriptive