Verify security group parameters

Introduced various sanity checks before adding security group rule into the database. The checks have been implemented both in EC2 and openstack extension code. Implemented the suggestions made in first patch by Brian Fixed the unit tests in security groups Fixed pep8 issues in security group unit tests Fixes bug 869979. Change-Id: I2ac28666e90e7bdeacb7b1c2676c0719cfb9e441
author: Ahmad Hassan <ahmad.hassan@hp.com> 2011-09-30 15:10:33 +0100
committer: Ahmad Hassan <ahmad.hassan@hp.com> 2011-11-11 09:46:15 +0000
commit: 1a12349c056b52b488591abb1671ad94a6db6526 (patch)
tree: 59e9e7733dd540f95cef7ec0aaf6eda96437f3bd /nova/utils.py
parent: 59dfaf9e02ff0064a6844c9c986737267317776f (diff)
1 files changed, 21 insertions, 0 deletions
diff --git a/nova/utils.py b/nova/utils.py
index a30d90ff1..ad0d5725d 100644
--- a/nova/utils.py
+++ b/nova/utils.py
@@ -37,6 +37,7 @@ import time
 import types
 import uuid
 import pyclbr
+import netaddr
 from xml.sax import saxutils
 
 from eventlet import event
@@ -908,6 +909,26 @@ def is_valid_ipv4(address):
     return True
 
 
+def is_valid_cidr(address):
+    """Check if the provided ipv4 or ipv6 address is a valid
+    CIDR address or not"""
+    try:
+        # Validate the correct CIDR Address
+        netaddr.IPNetwork(address)
+    except netaddr.core.AddrFormatError:
+        return False
+
+    # Prior validation partially verify /xx part
+    # Verify it here
+    ip_segment = address.split('/')
+
+    if (len(ip_segment) <= 1 or
+        ip_segment[1] == ''):
+        return False
+
+    return True
+
+
 def monkey_patch():
     """  If the Flags.monkey_patch set as True,
     this function patches a decorator
author	Ahmad Hassan <ahmad.hassan@hp.com>	2011-09-30 15:10:33 +0100
committer	Ahmad Hassan <ahmad.hassan@hp.com>	2011-11-11 09:46:15 +0000
commit	1a12349c056b52b488591abb1671ad94a6db6526 (patch)
tree	59e9e7733dd540f95cef7ec0aaf6eda96437f3bd /nova/utils.py
parent	59dfaf9e02ff0064a6844c9c986737267317776f (diff)