Loopback address routing should be invalid
Host route validators should reject loopback CIDRs. Change-Id: Ifa545242224bdc80a934b529e44b25b4492d4e0b CLoses-bug: 1834012
This commit is contained in:
parent
d2cabd9ed8
commit
8417717411
|
@ -680,6 +680,8 @@ def validate_route_cidr(data, valid_values=None):
|
||||||
msg = _("'%(data)s' is not a recognized CIDR,"
|
msg = _("'%(data)s' is not a recognized CIDR,"
|
||||||
" '%(cidr)s' is recommended") % {"data": data,
|
" '%(cidr)s' is recommended") % {"data": data,
|
||||||
"cidr": net.cidr}
|
"cidr": net.cidr}
|
||||||
|
elif net.is_loopback():
|
||||||
|
msg = _("'%(data)s' is not a routable CIDR") % {"data": data}
|
||||||
else:
|
else:
|
||||||
return
|
return
|
||||||
except Exception:
|
except Exception:
|
||||||
|
|
|
@ -742,6 +742,12 @@ class TestAttributeValidation(base.BaseTestCase):
|
||||||
"cidr": "192.0.0.0/8"}
|
"cidr": "192.0.0.0/8"}
|
||||||
self.assertEqual(error, msg)
|
self.assertEqual(error, msg)
|
||||||
|
|
||||||
|
# Invalid - loopback CIDR
|
||||||
|
cidr = "127.0.0.0/8"
|
||||||
|
msg = validators.validate_route_cidr(cidr, None)
|
||||||
|
error = _("'%(data)s' is not a routable CIDR") % {"data": cidr}
|
||||||
|
self.assertEqual(error, msg)
|
||||||
|
|
||||||
# Invalid - CIDR format error
|
# Invalid - CIDR format error
|
||||||
cidr = 'invalid'
|
cidr = 'invalid'
|
||||||
msg = validators.validate_route_cidr(cidr, None)
|
msg = validators.validate_route_cidr(cidr, None)
|
||||||
|
|
|
@ -0,0 +1,7 @@
|
||||||
|
---
|
||||||
|
fixes:
|
||||||
|
- |
|
||||||
|
Static route validator should verify that routed CIDR isn't a loopback.
|
||||||
|
Loopback addresses should not be routable.
|
||||||
|
Bug: `1834012 <https://bugs.launchpad.net/neutron/+bug/1834012>`_
|
||||||
|
|
Loading…
Reference in New Issue