[node-patches] Change in ovirt-node[node-3.0]: Block IPv6 for services which don't support it
rbarry at redhat.com
rbarry at redhat.com
Wed Dec 4 14:22:25 UTC 2013
Ryan Barry has uploaded a new change for review.
Change subject: Block IPv6 for services which don't support it
......................................................................
Block IPv6 for services which don't support it
Previously, we allowed FQDNOrIPAddress() for netconsole and kdump, which don't
support IPv6 configuration. Don't allow IPv6 addresses.
Related to this, give users support to disable it by passing an argument to
validators.
Change-Id: Id9dc98d9bc6b11060fd4deefe4332e24c517cb30
Bug-Url: https://bugzilla.redhat.com/show_bug.cgi?id=1008841
Bug-Url: https://bugzilla.redhat.com/show_bug.cgi?id=1008795
Signed-off-by: Ryan Barry <rbarry at redhat.com>
---
M src/ovirt/node/setup/core/kdump_page.py
M src/ovirt/node/setup/core/logging_page.py
M src/ovirt/node/valid.py
3 files changed, 25 insertions(+), 9 deletions(-)
git pull ssh://gerrit.ovirt.org:29418/ovirt-node refs/changes/40/22040/1
diff --git a/src/ovirt/node/setup/core/kdump_page.py b/src/ovirt/node/setup/core/kdump_page.py
index 5887cd4..c5ecef5 100644
--- a/src/ovirt/node/setup/core/kdump_page.py
+++ b/src/ovirt/node/setup/core/kdump_page.py
@@ -70,8 +70,10 @@
"""
# FIXME improve validation for ssh and nfs
return {"kdump.type": valid.Options(dict(self._types).keys()),
- "kdump.ssh_location": valid.Empty() | valid.SSHAddress(),
- "kdump.nfs_location": valid.Empty() | valid.NFSAddress(),
+ "kdump.ssh_location": (valid.Empty() |
+ valid.SSHAddress(allow_ipv6=False)),
+ "kdump.nfs_location": (valid.Empty() |
+ valid.NFSAddress(allow_ipv6=False)),
}
def ui_content(self):
diff --git a/src/ovirt/node/setup/core/logging_page.py b/src/ovirt/node/setup/core/logging_page.py
index 270cd18..b0b014a 100644
--- a/src/ovirt/node/setup/core/logging_page.py
+++ b/src/ovirt/node/setup/core/logging_page.py
@@ -59,7 +59,8 @@
"rsyslog.address": (valid.Empty() | valid.FQDNOrIPAddress()),
"rsyslog.port": valid.Port(),
"netconsole.address": (valid.Empty() |
- valid.FQDNOrIPAddress()),
+ valid.FQDNOrIPAddress(
+ allow_ipv6=False)),
"netconsole.port": valid.Port(),
}
diff --git a/src/ovirt/node/valid.py b/src/ovirt/node/valid.py
index 963f694..92ca35f 100644
--- a/src/ovirt/node/valid.py
+++ b/src/ovirt/node/valid.py
@@ -386,8 +386,9 @@
False
"""
- def __init__(self):
- self._validator = IPv4Address() | IPv6Address()
+ def __init__(self, allow_ipv6=True):
+ self._validator = IPv4Address() | IPv6Address() if allow_ipv6 else \
+ IPv4Address()
self.description = self._validator.description
def validate(self, value):
@@ -407,8 +408,8 @@
False
"""
- def __init__(self):
- self._validator = FQDN() | IPAddress()
+ def __init__(self, allow_ipv6=True):
+ self._validator = FQDN() | IPAddress(allow_ipv6)
self.description = self._validator.description
def validate(self, value):
@@ -517,6 +518,8 @@
False
>>> NFSAddress().validate("1.2.3.4:var/nfsserver")
False
+ >>> NFSAddress(allow_ipv6=False).validate("1::4:/var/nfsserver")
+ False
>>> NFSAddress().validate("1::4")
False
>>> NFSAddress().validate("1:2:3:4")
@@ -528,13 +531,16 @@
"""
description = "a valid NFS address"
+ def __init__(self, allow_ipv6=True):
+ self._allow_ipv6 = allow_ipv6
+
def validate(self, value):
is_valid = False
try:
# Addr can be IPv6 or IPv4, therefor a bit more cplx
parts = value.split(":")
addr, path = ":".join(parts[:-1]), parts[-1]
- FQDNOrIPAddress()(addr)
+ FQDNOrIPAddress(self._allow_ipv6)(addr)
is_valid = path.startswith("/")
except:
is_valid = False
@@ -549,6 +555,10 @@
True
>>> SSHAddress()("root at 192.168.1.1")
True
+ >>> SSHAddress().validate("root at 1::4")
+ True
+ >>> SSHAddress(allow_ipv6=False).validate("root at 1::4")
+ False
>>> SSHAddress().validate(".com")
False
>>> SSHAddress().validate("")
@@ -556,6 +566,9 @@
"""
description = "a valid SSH Address"
+
+ def __init__(self, allow_ipv6=True):
+ self._allow_ipv6 = allow_ipv6
def validate(self, value):
is_valid = False
@@ -565,7 +578,7 @@
raise ValueError()
user, host = parts
is_valid = Text().validate(user) and \
- FQDNOrIPAddress().validate(host)
+ FQDNOrIPAddress(self._allow_ipv6).validate(host)
except ValueError:
is_valid = False
--
To view, visit http://gerrit.ovirt.org/22040
To unsubscribe, visit http://gerrit.ovirt.org/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: Id9dc98d9bc6b11060fd4deefe4332e24c517cb30
Gerrit-PatchSet: 1
Gerrit-Project: ovirt-node
Gerrit-Branch: node-3.0
Gerrit-Owner: Ryan Barry <rbarry at redhat.com>
More information about the node-patches
mailing list