summaryrefslogtreecommitdiff
path: root/src/conf_mode/ipsec-settings.py
diff options
context:
space:
mode:
authorViacheslav Hletenko <v.gletenko@vyos.io>2022-09-14 15:11:01 +0000
committerViacheslav Hletenko <v.gletenko@vyos.io>2022-09-14 15:11:01 +0000
commit3629f376c26bbc22b94fbd5e9bbe789d08e2caa6 (patch)
treec75c86280700659da8eb2b53eaa8fdf7d3406b62 /src/conf_mode/ipsec-settings.py
parentb9678136eac767ece3d5a5e53f9f2b9c47c7477a (diff)
downloadvyos-1x-3629f376c26bbc22b94fbd5e9bbe789d08e2caa6.tar.gz
vyos-1x-3629f376c26bbc22b94fbd5e9bbe789d08e2caa6.zip
openvpn: T4679: Fix incorrect verify local and remote address
In the OpenVPN site-to-site config we can use IPv6 peers without IPv4 configurations but "verify()" checks also local and remote IPv4 addresses that in this case will be empty lists For example: set interfaces openvpn vtun2 local-address 2001:db8::1 set interfaces openvpn vtun2 remote-address 2001:db8::2 Check in the commit (v4loAddr == v4remAddr) <= both empty lists commit DEBUG: [] == [] or ['2001:db8::2'] == [] So we should also check v4loAddr, v4remAddr, v6loAddr, v6remAddr are not empty
Diffstat (limited to 'src/conf_mode/ipsec-settings.py')
0 files changed, 0 insertions, 0 deletions