Revision a4658bbe snf-cyclades-app/synnefo/api/util.py

b/snf-cyclades-app/synnefo/api/util.py
31 31
# interpreted as representing official policies, either expressed
32 32
# or implied, of GRNET S.A.
33 33

  
34
import ipaddr
35

  
36 34
from base64 import b64encode, b64decode
37 35
from hashlib import sha256
38 36
from logging import getLogger
......
55 53
from synnefo.db.pools import EmptyPool
56 54

  
57 55
from synnefo.plankton.utils import image_backend
58
from synnefo.settings import MAX_CIDR_BLOCK
59 56

  
60 57
from synnefo.cyclades_settings import cyclades_services, BASE_HOST
61 58
from synnefo.lib.services import get_service_path
......
231 228
        raise faults.ItemNotFound("Floating IP does not exist.")
232 229

  
233 230

  
234
def validate_network_params(subnet=None, gateway=None, subnet6=None,
235
                            gateway6=None):
236
    if (subnet is None) and (subnet6 is None):
237
        raise faults.BadRequest("subnet or subnet6 is required")
238

  
239
    if subnet:
240
        try:
241
            # Use strict option to not all subnets with host bits set
242
            network = ipaddr.IPv4Network(subnet, strict=True)
243
        except ValueError:
244
            raise faults.BadRequest("Invalid network IPv4 subnet")
245

  
246
        # Check that network size is allowed!
247
        if not validate_network_size(network.prefixlen):
248
            raise faults.OverLimit(message="Unsupported network size",
249
                                   details="Network mask must be in range"
250
                                           " (%s, 29]" % MAX_CIDR_BLOCK)
251
        if gateway:  # Check that gateway belongs to network
252
            try:
253
                gateway = ipaddr.IPv4Address(gateway)
254
            except ValueError:
255
                raise faults.BadRequest("Invalid network IPv4 gateway")
256
            if not gateway in network:
257
                raise faults.BadRequest("Invalid network IPv4 gateway")
258

  
259
    if subnet6:
260
        try:
261
            # Use strict option to not all subnets with host bits set
262
            network6 = ipaddr.IPv6Network(subnet6, strict=True)
263
        except ValueError:
264
            raise faults.BadRequest("Invalid network IPv6 subnet")
265
        if gateway6:
266
            try:
267
                gateway6 = ipaddr.IPv6Address(gateway6)
268
            except ValueError:
269
                raise faults.BadRequest("Invalid network IPv6 gateway")
270
            if not gateway6 in network6:
271
                raise faults.BadRequest("Invalid network IPv6 gateway")
272

  
273

  
274
def validate_network_size(cidr_block):
275
    """Return True if network size is allowed."""
276
    return cidr_block <= 29 and cidr_block > MAX_CIDR_BLOCK
277

  
278

  
279 231
def allocate_public_address(backend):
280 232
    """Get a public IP for any available network of a backend."""
281 233
    # Guarantee exclusive access to backend, because accessing the IP pools of

Also available in: Unified diff