From 70fd78928cb874006f218ae4e7aca00e0babf99a Mon Sep 17 00:00:00 2001 From: Martin Basti Date: Wed, 13 Apr 2016 16:14:42 +0200 Subject: Use netifaces module instead of 'ip' command Netifaces allows to get addresses from local interfaces of the host in safer way than parsing output of the ip command. https://fedorahosted.org/freeipa/ticket/5591 Reviewed-By: David Kupka --- ipapython/ipautil.py | 35 ++++++++++++++++++----------------- 1 file changed, 18 insertions(+), 17 deletions(-) (limited to 'ipapython') diff --git a/ipapython/ipautil.py b/ipapython/ipautil.py index d705c51f8..e595d80ca 100644 --- a/ipapython/ipautil.py +++ b/ipapython/ipautil.py @@ -32,6 +32,7 @@ import socket import re import datetime import netaddr +import netifaces import time import gssapi import pwd @@ -151,24 +152,24 @@ class CheckedIPAddress(netaddr.IPAddress): if match_local: if addr.version == 4: - family = 'inet' + family = netifaces.AF_INET elif addr.version == 6: - family = 'inet6' - - result = run( - [paths.IP, '-family', family, '-oneline', 'address', 'show'], - capture_output=True) - lines = result.output.split('\n') - for line in lines: - fields = line.split() - if len(fields) < 4: - continue - - ifnet = netaddr.IPNetwork(fields[3]) - if ifnet == net or (net is None and ifnet.ip == addr): - net = ifnet - iface = fields[1] - break + family = netifaces.AF_INET6 + else: + raise ValueError( + "Unsupported address family ({})".format(addr.version) + ) + + for interface in netifaces.interfaces(): + for ifdata in netifaces.ifaddresses(interface).get(family, []): + ifnet = netaddr.IPNetwork('{addr}/{netmask}'.format( + addr=ifdata['addr'], + netmask=ifdata['netmask'] + )) + if ifnet == net or (net is None and ifnet.ip == addr): + net = ifnet + iface = interface + break if iface is None: raise ValueError('No network interface matches the provided IP address and netmask') -- cgit