Revision d368ec0c

b/snf-cyclades-app/synnefo/api/networks.py
186 186
        if flavor not in settings.API_ENABLED_NETWORK_FLAVORS:
187 187
            raise Forbidden("Can not create %s network" % flavor)
188 188

  
189
        cidr_block = int(subnet.split('/')[1])
190
        if not util.validate_network_size(cidr_block):
191
            raise OverLimit("Unsupported network size.")
189
        # Check that user provided a valid subnet
190
        util.validate_network_subnet(subnet)
192 191

  
193 192
        user_id = request.user_uniq
194 193
        serial = quotas.issue_network_commission(user_id)
b/snf-cyclades-app/synnefo/api/test/networks.py
122 122
                             json.dumps(request), 'json')
123 123
        self.assertFault(response, 403, "forbidden")
124 124

  
125
    def test_invalid_subnet(self, mrapi):
126
        """Test invalid subnet"""
127
        request = {
128
            'network': {'name': 'foo', 'cidr': '10.0.0.10/27'}
129
            }
130
        response = self.post('/api/v1.1/networks/', 'user1',
131
                             json.dumps(request), 'json')
132
        self.assertBadRequest(response)
133

  
125 134
    def test_list_networks(self, mrapi):
126 135
        """Test that expected list of networks is returned."""
127 136
        # Create a deleted network
b/snf-cyclades-app/synnefo/api/util.py
43 43
from time import time
44 44
from traceback import format_exc
45 45
from wsgiref.handlers import format_date_time
46
from ipaddr import IPNetwork
46 47

  
47 48
import dateutil.parser
48 49

  
......
239 240
        raise ItemNotFound('Network not found.')
240 241

  
241 242

  
243
def validate_network_subnet(subnet):
244
    try:
245
        # Use strict option to not all subnets with host bits set
246
        network = IPNetwork(subnet, strict=True)
247
    except ValueError:
248
        raise BadRequest("Invalid network subnet")
249

  
250
    # Check that network size is allowed!
251
    if not validate_network_size(network.prefixlen):
252
        raise OverLimit("Unsupported network size")
253

  
254

  
242 255
def validate_network_size(cidr_block):
243 256
    """Return True if network size is allowed."""
244 257
    return cidr_block <= 29 and cidr_block > MAX_CIDR_BLOCK
b/snf-cyclades-app/synnefo/management/common.py
91 91
    gateway6 = options['gateway6']
92 92

  
93 93
    try:
94
        net = ipaddr.IPv4Network(subnet)
94
        net = ipaddr.IPv4Network(subnet, strict=True)
95 95
        prefix = net.prefixlen
96 96
        if not validate_network_size(prefix):
97 97
            raise CommandError("Unsupport network mask %d."

Also available in: Unified diff