summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMartin Kosek <mkosek@redhat.com>2011-10-13 14:35:06 +0200
committerMartin Kosek <mkosek@redhat.com>2011-10-13 15:03:41 +0200
commitf7a9da8b3fb7da7a479e54ba4932fd07775d9a4e (patch)
tree87dba15fc0e9124e20a73bbc2a40a954c2cd97a1
parente5389ffd5193fcb7edf3b0c5fa887e46cff986fe (diff)
downloadfreeipa-f7a9da8b3fb7da7a479e54ba4932fd07775d9a4e.zip
freeipa-f7a9da8b3fb7da7a479e54ba4932fd07775d9a4e.tar.gz
freeipa-f7a9da8b3fb7da7a479e54ba4932fd07775d9a4e.tar.xz
Make IPv4 address parsing more strict
Let netaddr.IPAddress() use inet_pton() rather than inet_aton() for IP address parsing. We will use the same function in IPv4/IPv6 conversions + be stricter and don't allow IP addresses such as '1.1.1' at the same time. https://fedorahosted.org/freeipa/ticket/1965
-rw-r--r--ipapython/ipautil.py12
1 files changed, 9 insertions, 3 deletions
diff --git a/ipapython/ipautil.py b/ipapython/ipautil.py
index 2328698..b002594 100644
--- a/ipapython/ipautil.py
+++ b/ipapython/ipautil.py
@@ -69,9 +69,15 @@ def get_domain_name():
return domain_name
class CheckedIPAddress(netaddr.IPAddress):
+
+ # Use inet_pton() rather than inet_aton() for IP address parsing. We
+ # will use the same function in IPv4/IPv6 conversions + be stricter
+ # and don't allow IP addresses such as '1.1.1' in the same time
+ netaddr_ip_flags = netaddr.INET_PTON
+
def __init__(self, addr, match_local=False, parse_netmask=True):
if isinstance(addr, CheckedIPAddress):
- super(CheckedIPAddress, self).__init__(addr)
+ super(CheckedIPAddress, self).__init__(addr, flags=self.netaddr_ip_flags)
self.prefixlen = addr.prefixlen
self.defaultnet = addr.defaultnet
self.interface = addr.interface
@@ -88,7 +94,7 @@ class CheckedIPAddress(netaddr.IPAddress):
pass
else:
try:
- addr = netaddr.IPAddress(addr)
+ addr = netaddr.IPAddress(addr, flags=self.netaddr_ip_flags)
except ValueError:
net = netaddr.IPNetwork(addr)
if not parse_netmask:
@@ -140,7 +146,7 @@ class CheckedIPAddress(netaddr.IPAddress):
if addr.version == 4 and addr == net.broadcast:
raise ValueError("cannot use broadcast IP address")
- super(CheckedIPAddress, self).__init__(addr)
+ super(CheckedIPAddress, self).__init__(addr, flags=self.netaddr_ip_flags)
self.prefixlen = net.prefixlen
self.defaultnet = defnet
self.interface = iface