Revision a4658bbe snf-cyclades-app/synnefo/api/util.py
| b/snf-cyclades-app/synnefo/api/util.py | ||
|---|---|---|
| 31 | 31 |
# interpreted as representing official policies, either expressed |
| 32 | 32 |
# or implied, of GRNET S.A. |
| 33 | 33 |
|
| 34 |
import ipaddr |
|
| 35 |
|
|
| 36 | 34 |
from base64 import b64encode, b64decode |
| 37 | 35 |
from hashlib import sha256 |
| 38 | 36 |
from logging import getLogger |
| ... | ... | |
| 55 | 53 |
from synnefo.db.pools import EmptyPool |
| 56 | 54 |
|
| 57 | 55 |
from synnefo.plankton.utils import image_backend |
| 58 |
from synnefo.settings import MAX_CIDR_BLOCK |
|
| 59 | 56 |
|
| 60 | 57 |
from synnefo.cyclades_settings import cyclades_services, BASE_HOST |
| 61 | 58 |
from synnefo.lib.services import get_service_path |
| ... | ... | |
| 231 | 228 |
raise faults.ItemNotFound("Floating IP does not exist.")
|
| 232 | 229 |
|
| 233 | 230 |
|
| 234 |
def validate_network_params(subnet=None, gateway=None, subnet6=None, |
|
| 235 |
gateway6=None): |
|
| 236 |
if (subnet is None) and (subnet6 is None): |
|
| 237 |
raise faults.BadRequest("subnet or subnet6 is required")
|
|
| 238 |
|
|
| 239 |
if subnet: |
|
| 240 |
try: |
|
| 241 |
# Use strict option to not all subnets with host bits set |
|
| 242 |
network = ipaddr.IPv4Network(subnet, strict=True) |
|
| 243 |
except ValueError: |
|
| 244 |
raise faults.BadRequest("Invalid network IPv4 subnet")
|
|
| 245 |
|
|
| 246 |
# Check that network size is allowed! |
|
| 247 |
if not validate_network_size(network.prefixlen): |
|
| 248 |
raise faults.OverLimit(message="Unsupported network size", |
|
| 249 |
details="Network mask must be in range" |
|
| 250 |
" (%s, 29]" % MAX_CIDR_BLOCK) |
|
| 251 |
if gateway: # Check that gateway belongs to network |
|
| 252 |
try: |
|
| 253 |
gateway = ipaddr.IPv4Address(gateway) |
|
| 254 |
except ValueError: |
|
| 255 |
raise faults.BadRequest("Invalid network IPv4 gateway")
|
|
| 256 |
if not gateway in network: |
|
| 257 |
raise faults.BadRequest("Invalid network IPv4 gateway")
|
|
| 258 |
|
|
| 259 |
if subnet6: |
|
| 260 |
try: |
|
| 261 |
# Use strict option to not all subnets with host bits set |
|
| 262 |
network6 = ipaddr.IPv6Network(subnet6, strict=True) |
|
| 263 |
except ValueError: |
|
| 264 |
raise faults.BadRequest("Invalid network IPv6 subnet")
|
|
| 265 |
if gateway6: |
|
| 266 |
try: |
|
| 267 |
gateway6 = ipaddr.IPv6Address(gateway6) |
|
| 268 |
except ValueError: |
|
| 269 |
raise faults.BadRequest("Invalid network IPv6 gateway")
|
|
| 270 |
if not gateway6 in network6: |
|
| 271 |
raise faults.BadRequest("Invalid network IPv6 gateway")
|
|
| 272 |
|
|
| 273 |
|
|
| 274 |
def validate_network_size(cidr_block): |
|
| 275 |
"""Return True if network size is allowed.""" |
|
| 276 |
return cidr_block <= 29 and cidr_block > MAX_CIDR_BLOCK |
|
| 277 |
|
|
| 278 |
|
|
| 279 | 231 |
def allocate_public_address(backend): |
| 280 | 232 |
"""Get a public IP for any available network of a backend.""" |
| 281 | 233 |
# Guarantee exclusive access to backend, because accessing the IP pools of |
Also available in: Unified diff