summaryrefslogtreecommitdiff
path: root/src/leap/services
diff options
context:
space:
mode:
authorkali <kali@leap.se>2013-05-01 04:41:11 +0900
committerkali <kali@leap.se>2013-05-01 04:41:11 +0900
commit2370950c7e2d15355daa95a01f20e77786da742e (patch)
tree48ca59704d3414321d87f4fe521dd90bdc5ecc97 /src/leap/services
parent6acb92af4fef12ec0fad3741c58dee8ae3457d12 (diff)
sanitize ip address
Diffstat (limited to 'src/leap/services')
-rw-r--r--src/leap/services/eip/eipconfig.py5
-rw-r--r--src/leap/services/eip/tests/test_eipconfig.py22
2 files changed, 24 insertions, 3 deletions
diff --git a/src/leap/services/eip/eipconfig.py b/src/leap/services/eip/eipconfig.py
index baf26bca..e6b93647 100644
--- a/src/leap/services/eip/eipconfig.py
+++ b/src/leap/services/eip/eipconfig.py
@@ -36,6 +36,7 @@ class EIPConfig(BaseConfig):
"""
OPENVPN_ALLOWED_KEYS = ("auth", "cipher", "tls-cipher")
OPENVPN_CIPHERS_REGEX = re.compile("[A-Z0-9\-]+")
+ IP_REGEX = re.compile("^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$")
def __init__(self):
BaseConfig.__init__(self)
@@ -90,7 +91,9 @@ class EIPConfig(BaseConfig):
index = 0
logger.warning("Provided an unknown gateway index %s, " +
"defaulting to 0")
- return gateways[0]["ip_address"]
+ ip_addr = gateways[0]["ip_address"]
+ if self.IP_REGEX.search(ip_addr):
+ return ip_addr
def get_client_cert_path(self,
providerconfig=None,
diff --git a/src/leap/services/eip/tests/test_eipconfig.py b/src/leap/services/eip/tests/test_eipconfig.py
index 1675472f..ce04c2fc 100644
--- a/src/leap/services/eip/tests/test_eipconfig.py
+++ b/src/leap/services/eip/tests/test_eipconfig.py
@@ -114,9 +114,9 @@ class EIPConfigTest(BaseLeapTest):
self.assertEqual(
config.get_clusters(), None)
- def test_openvpnoptions(self):
+ def test_sanitize_config(self):
"""
- check the sanitization of openvpn options
+ check the sanitization of options
"""
# extra parameters
data = copy.deepcopy(sample_config)
@@ -169,6 +169,24 @@ class EIPConfigTest(BaseLeapTest):
{'cipher': 'AES-128-CBC',
'tls-cipher': 'DHE-RSA-AES128-SHA'})
+ # bad_ip
+ data = copy.deepcopy(sample_config)
+ data['gateways'][0]["ip_address"] = "11.22.33.44;"
+ self.write_config(data)
+ config = EIPConfig()
+ config.load(self.configfile)
+ self.assertEqual(
+ config.get_gateway_ip(),
+ None)
+
+ data = copy.deepcopy(sample_config)
+ data['gateways'][0]["ip_address"] = "11.22.33.44`"
+ self.write_config(data)
+ config = EIPConfig()
+ config.load(self.configfile)
+ self.assertEqual(
+ config.get_gateway_ip(),
+ None)
if __name__ == "__main__":
unittest.main()