diff options
| author | Jenkins <jenkins@review.openstack.org> | 2012-01-17 08:15:48 +0000 |
|---|---|---|
| committer | Gerrit Code Review <review@openstack.org> | 2012-01-17 08:15:48 +0000 |
| commit | 2dd52511cf8b7b9e5c7c7cd8564b0fec8acd03cb (patch) | |
| tree | 728474d02ca657ce7cd50d5a8bcacf91f7a6f51e /nova/api | |
| parent | 3972390d286ba487a53a27fa59a6cc1b0e2573ba (diff) | |
| parent | 918d9998e1855879e35b039430b71277e3200814 (diff) | |
| download | nova-2dd52511cf8b7b9e5c7c7cd8564b0fec8acd03cb.tar.gz nova-2dd52511cf8b7b9e5c7c7cd8564b0fec8acd03cb.tar.xz nova-2dd52511cf8b7b9e5c7c7cd8564b0fec8acd03cb.zip | |
Merge "Add ipv4 and ipv6 validation"
Diffstat (limited to 'nova/api')
| -rw-r--r-- | nova/api/openstack/compute/servers.py | 35 |
1 files changed, 33 insertions, 2 deletions
diff --git a/nova/api/openstack/compute/servers.py b/nova/api/openstack/compute/servers.py index 3a0cc3683..274589696 100644 --- a/nova/api/openstack/compute/servers.py +++ b/nova/api/openstack/compute/servers.py @@ -16,6 +16,7 @@ import base64 import os +import socket from xml.dom import minidom from webob import exc @@ -568,6 +569,20 @@ class Controller(wsgi.Controller): expl = _('Userdata content cannot be decoded') raise exc.HTTPBadRequest(explanation=expl) + def _validate_access_ipv4(self, address): + try: + socket.inet_aton(address) + except socket.error: + expl = _('accessIPv4 is not proper IPv4 format') + raise exc.HTTPBadRequest(explanation=expl) + + def _validate_access_ipv6(self, address): + try: + socket.inet_pton(socket.AF_INET6, address) + except socket.error: + expl = _('accessIPv4 is not proper IPv4 format') + raise exc.HTTPBadRequest(explanation=expl) + @wsgi.serializers(xml=ServerTemplate) @exception.novaclient_converter @scheduler_api.redirect_handler @@ -634,6 +649,14 @@ class Controller(wsgi.Controller): requested_networks = self._get_requested_networks( requested_networks) + (access_ip_v4, ) = server_dict.get('accessIPv4'), + if access_ip_v4 is not None: + self._validate_access_ipv4(access_ip_v4) + + (access_ip_v6, ) = server_dict.get('accessIPv6'), + if access_ip_v6 is not None: + self._validate_access_ipv6(access_ip_v6) + try: flavor_id = self._flavor_id_from_req_data(body) except ValueError as error: @@ -687,8 +710,8 @@ class Controller(wsgi.Controller): display_description=name, key_name=key_name, metadata=server_dict.get('metadata', {}), - access_ip_v4=server_dict.get('accessIPv4'), - access_ip_v6=server_dict.get('accessIPv6'), + access_ip_v4=access_ip_v4, + access_ip_v6=access_ip_v6, injected_files=injected_files, admin_password=password, zone_blob=zone_blob, @@ -767,10 +790,12 @@ class Controller(wsgi.Controller): if 'accessIPv4' in body['server']: access_ipv4 = body['server']['accessIPv4'] + self._validate_access_ipv4(access_ipv4) update_dict['access_ip_v4'] = access_ipv4.strip() if 'accessIPv6' in body['server']: access_ipv6 = body['server']['accessIPv6'] + self._validate_access_ipv6(access_ipv6) update_dict['access_ip_v6'] = access_ipv6.strip() if 'auto_disk_config' in body['server']: @@ -1008,6 +1033,12 @@ class Controller(wsgi.Controller): 'metadata': 'metadata', } + if 'accessIPv4' in body: + self._validate_access_ipv4(body['accessIPv4']) + + if 'accessIPv6' in body: + self._validate_access_ipv6(body['accessIPv6']) + kwargs = {} for request_attribute, instance_attribute in attr_map.items(): |