/usr/lib/python2.7/dist-packages/neutron_lib/api/validators/dns.py is in python-neutron-lib 1.13.0-0ubuntu1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 | # Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
import re
from oslo_config import cfg
from neutron_lib._i18n import _
from neutron_lib.api import validators
from neutron_lib import constants
from neutron_lib.db import constants as db_constants
def _validate_dns_format(data, max_len=db_constants.FQDN_FIELD_SIZE):
# NOTE: An individual name regex instead of an entire FQDN was used
# because its easier to make correct. The logic should validate that the
# dns_name matches RFC 1123 (section 2.1) and RFC 952.
if not data:
return
try:
# A trailing period is allowed to indicate that a name is fully
# qualified per RFC 1034 (page 7).
trimmed = data[:-1] if data.endswith('.') else data
if len(trimmed) > max_len:
raise TypeError(
_("'%(trimmed)s' exceeds the %(maxlen)s character FQDN "
"limit") % {'trimmed': trimmed, 'maxlen': max_len})
labels = trimmed.split('.')
for label in labels:
if not label:
raise TypeError(_("Encountered an empty component"))
if label.endswith('-') or label.startswith('-'):
raise TypeError(
_("Name '%s' must not start or end with a hyphen") % label)
if not re.match(constants.DNS_LABEL_REGEX, label):
raise TypeError(
_("Name '%s' must be 1-63 characters long, each of "
"which can only be alphanumeric or a hyphen") % label)
# RFC 1123 hints that a TLD can't be all numeric. last is a TLD if
# it's an FQDN.
if len(labels) > 1 and re.match("^[0-9]+$", labels[-1]):
raise TypeError(
_("TLD '%s' must not be all numeric") % labels[-1])
except TypeError as e:
msg = _("'%(data)s' not a valid PQDN or FQDN. Reason: %(reason)s") % {
'data': data, 'reason': e}
return msg
def _validate_dns_name_with_dns_domain(request_dns_name, dns_domain):
# If a PQDN was passed, make sure the FQDN that will be generated is of
# legal size
higher_labels = dns_domain
if dns_domain:
higher_labels = '.%s' % dns_domain
higher_labels_len = len(higher_labels)
dns_name_len = len(request_dns_name)
if not request_dns_name.endswith('.'):
if dns_name_len + higher_labels_len > db_constants.FQDN_FIELD_SIZE:
msg = _("The dns_name passed is a PQDN and its size is "
"'%(dns_name_len)s'. The dns_domain option in "
"neutron.conf is set to %(dns_domain)s, with a "
"length of '%(higher_labels_len)s'. When the two are "
"concatenated to form a FQDN (with a '.' at the end), "
"the resulting length exceeds the maximum size "
"of '%(fqdn_max_len)s'"
) % {'dns_name_len': dns_name_len,
'dns_domain': cfg.CONF.dns_domain,
'higher_labels_len': higher_labels_len,
'fqdn_max_len': db_constants.FQDN_FIELD_SIZE}
return msg
return
# A FQDN was passed
if (dns_name_len <= higher_labels_len or not
request_dns_name.endswith(higher_labels)):
msg = _("The dns_name passed is a FQDN. Its higher level labels "
"must be equal to the dns_domain option in neutron.conf, "
"that has been set to '%(dns_domain)s'. It must also "
"include one or more valid DNS labels to the left "
"of '%(dns_domain)s'") % {'dns_domain':
cfg.CONF.dns_domain}
return msg
def _get_dns_domain_config():
if not cfg.CONF.dns_domain:
return ''
if cfg.CONF.dns_domain.endswith('.'):
return cfg.CONF.dns_domain
return '%s.' % cfg.CONF.dns_domain
def _get_request_dns_name(dns_name):
dns_domain = _get_dns_domain_config()
if (dns_domain and dns_domain != constants.DNS_DOMAIN_DEFAULT):
# If CONF.dns_domain is the default value 'openstacklocal',
# neutron don't let the user to assign dns_name to ports
return dns_name
return ''
def validate_dns_name(data, max_len=db_constants.FQDN_FIELD_SIZE):
"""Validate DNS name.
This method validates dns name and also needs to have dns_domain in config
because this may call a method which uses the config.
:param data: The data to validate.
:param max_len: An optional cap on the length of the string.
:returns: None if data is valid, otherwise a human readable message
indicating why validation failed.
"""
msg = _validate_dns_format(data, max_len)
if msg:
return msg
request_dns_name = _get_request_dns_name(data)
if request_dns_name:
dns_domain = _get_dns_domain_config()
msg = _validate_dns_name_with_dns_domain(request_dns_name, dns_domain)
if msg:
return msg
def validate_fip_dns_name(data, max_len=db_constants.FQDN_FIELD_SIZE):
"""Validate DNS name for floating IP.
:param data: The data to validate.
:param max_len: An optional cap on the length of the string.
:returns: None if data is valid, otherwise a human readable message
indicating why validation failed.
"""
msg = validators.validate_string(data)
if msg:
return msg
if not data:
return
if data.endswith('.'):
msg = _("'%s' is a FQDN. It should be a relative domain name") % data
return msg
msg = _validate_dns_format(data, max_len)
if msg:
return msg
length = len(data)
if length > max_len - 3:
msg = _("'%(data)s' contains %(length)s characters. Adding a "
"domain name will cause it to exceed the maximum length "
"of a FQDN of '%(max_len)s'") % {"data": data,
"length": length,
"max_len": max_len}
return msg
def validate_dns_domain(data, max_len=db_constants.FQDN_FIELD_SIZE):
"""Validate DNS domain.
:param data: The data to validate.
:param max_len: An optional cap on the length of the string.
:returns: None if data is valid, otherwise a human readable message
indicating why validation failed.
"""
msg = validators.validate_string(data)
if msg:
return msg
if not data:
return
if not data.endswith('.'):
msg = _("'%s' is not a FQDN") % data
return msg
msg = _validate_dns_format(data, max_len)
if msg:
return msg
length = len(data)
if length > max_len - 2:
msg = _("'%(data)s' contains %(length)s characters. Adding a "
"sub-domain will cause it to exceed the maximum length of a "
"FQDN of '%(max_len)s'") % {"data": data,
"length": length,
"max_len": max_len}
return msg
|