diff options
| author | Viacheslav Hletenko <v.gletenko@vyos.io> | 2022-09-14 15:11:01 +0000 |
|---|---|---|
| committer | Viacheslav Hletenko <v.gletenko@vyos.io> | 2022-09-14 15:11:01 +0000 |
| commit | 3629f376c26bbc22b94fbd5e9bbe789d08e2caa6 (patch) | |
| tree | c75c86280700659da8eb2b53eaa8fdf7d3406b62 /python | |
| parent | b9678136eac767ece3d5a5e53f9f2b9c47c7477a (diff) | |
| download | vyos-1x-3629f376c26bbc22b94fbd5e9bbe789d08e2caa6.tar.gz vyos-1x-3629f376c26bbc22b94fbd5e9bbe789d08e2caa6.zip | |
openvpn: T4679: Fix incorrect verify local and remote address
In the OpenVPN site-to-site config we can use IPv6 peers
without IPv4 configurations but "verify()" checks also local and
remote IPv4 addresses that in this case will be empty lists
For example:
set interfaces openvpn vtun2 local-address 2001:db8::1
set interfaces openvpn vtun2 remote-address 2001:db8::2
Check in the commit (v4loAddr == v4remAddr) <= both empty lists
commit
DEBUG: [] == [] or ['2001:db8::2'] == []
So we should also check v4loAddr, v4remAddr, v6loAddr, v6remAddr
are not empty
Diffstat (limited to 'python')
| -rw-r--r-- | python/vyos/util.py | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/python/vyos/util.py b/python/vyos/util.py index 554614b30..1c4102e90 100644 --- a/python/vyos/util.py +++ b/python/vyos/util.py @@ -1,4 +1,4 @@ -# Copyright 2020-2021 VyOS maintainers and contributors <maintainers@vyos.io> +# Copyright 2020-2022 VyOS maintainers and contributors <maintainers@vyos.io> # # This library is free software; you can redistribute it and/or # modify it under the terms of the GNU Lesser General Public @@ -623,6 +623,11 @@ def is_admin() -> bool: (_, _, _, admin_group_members) = getgrnam('sudo') return current_user in admin_group_members +def is_list_equal(first: list, second: list) -> bool: + """ Check if 2 lists are equal and list not empty """ + if len(first) != len(second) or len(first) == 0: + return False + return sorted(first) == sorted(second) def mac2eui64(mac, prefix=None): """ |