Check if glue records are inside DarkNet

This commit is contained in:
Sebastian Lohff 2017-04-30 15:27:51 +02:00
parent 67ec9904b2
commit 278a44988e
1 changed files with 30 additions and 0 deletions

View File

@ -70,6 +70,36 @@ class NameserverForm(MntFormMixin, WhoisObjectFormMixin, forms.ModelForm):
instance = getattr(self, "instance", None)
self._create = not (instance and instance.pk)
def cleanNetwork(self, glue):
ip = ipaddress.ip_address(glue)
proto = InetNum.IPv4 if ip.version == 4 else InetNum.IPv6
nets = InetNum.objects.filter(parent_range=None, protocol=proto)
if len(nets) == 0:
raise forms.ValidationError("No range has been registered for IPv%s in the whois interface" % ip.version)
for net in nets:
if ip in net.getNetwork():
break
else:
raise forms.ValidationError("Glue record address is not inside DarkNet (subnet %s)" % ", ".join(map(lambda _x: _x.prefix(), nets)))
def clean_glueIPv4(self):
glue = self.cleaned_data['glueIPv4']
if glue:
self.cleanNetwork(glue)
return glue
def clean_glueIPv6(self):
glue = self.cleaned_data['glueIPv6']
if glue:
self.cleanNetwork(glue)
return glue
def clean_name(self):
name = self.cleaned_data['name'].lower().strip()
if not name.endswith("."):