diff options
author | Martin Kosek <mkosek@redhat.com> | 2011-10-13 14:35:06 +0200 |
---|---|---|
committer | Martin Kosek <mkosek@redhat.com> | 2011-10-13 15:03:41 +0200 |
commit | f7a9da8b3fb7da7a479e54ba4932fd07775d9a4e (patch) | |
tree | 87dba15fc0e9124e20a73bbc2a40a954c2cd97a1 /ipapython | |
parent | e5389ffd5193fcb7edf3b0c5fa887e46cff986fe (diff) | |
download | freeipa-f7a9da8b3fb7da7a479e54ba4932fd07775d9a4e.tar.gz freeipa-f7a9da8b3fb7da7a479e54ba4932fd07775d9a4e.tar.xz freeipa-f7a9da8b3fb7da7a479e54ba4932fd07775d9a4e.zip |
Make IPv4 address parsing more strict
Let netaddr.IPAddress() use inet_pton() rather than inet_aton() for
IP address parsing. We will use the same function in IPv4/IPv6
conversions + be stricter and don't allow IP addresses such as
'1.1.1' at the same time.
https://fedorahosted.org/freeipa/ticket/1965
Diffstat (limited to 'ipapython')
-rw-r--r-- | ipapython/ipautil.py | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/ipapython/ipautil.py b/ipapython/ipautil.py index 232869802..b00259494 100644 --- a/ipapython/ipautil.py +++ b/ipapython/ipautil.py @@ -69,9 +69,15 @@ def get_domain_name(): return domain_name class CheckedIPAddress(netaddr.IPAddress): + + # Use inet_pton() rather than inet_aton() for IP address parsing. We + # will use the same function in IPv4/IPv6 conversions + be stricter + # and don't allow IP addresses such as '1.1.1' in the same time + netaddr_ip_flags = netaddr.INET_PTON + def __init__(self, addr, match_local=False, parse_netmask=True): if isinstance(addr, CheckedIPAddress): - super(CheckedIPAddress, self).__init__(addr) + super(CheckedIPAddress, self).__init__(addr, flags=self.netaddr_ip_flags) self.prefixlen = addr.prefixlen self.defaultnet = addr.defaultnet self.interface = addr.interface @@ -88,7 +94,7 @@ class CheckedIPAddress(netaddr.IPAddress): pass else: try: - addr = netaddr.IPAddress(addr) + addr = netaddr.IPAddress(addr, flags=self.netaddr_ip_flags) except ValueError: net = netaddr.IPNetwork(addr) if not parse_netmask: @@ -140,7 +146,7 @@ class CheckedIPAddress(netaddr.IPAddress): if addr.version == 4 and addr == net.broadcast: raise ValueError("cannot use broadcast IP address") - super(CheckedIPAddress, self).__init__(addr) + super(CheckedIPAddress, self).__init__(addr, flags=self.netaddr_ip_flags) self.prefixlen = net.prefixlen self.defaultnet = defnet self.interface = iface |