diff options
author | Viacheslav Hletenko <v.gletenko@vyos.io> | 2022-09-14 15:11:01 +0000 |
---|---|---|
committer | Viacheslav Hletenko <v.gletenko@vyos.io> | 2022-09-14 15:11:01 +0000 |
commit | 3629f376c26bbc22b94fbd5e9bbe789d08e2caa6 (patch) | |
tree | c75c86280700659da8eb2b53eaa8fdf7d3406b62 /src/conf_mode/ipsec-settings.py | |
parent | b9678136eac767ece3d5a5e53f9f2b9c47c7477a (diff) | |
download | vyos-1x-3629f376c26bbc22b94fbd5e9bbe789d08e2caa6.tar.gz vyos-1x-3629f376c26bbc22b94fbd5e9bbe789d08e2caa6.zip |
openvpn: T4679: Fix incorrect verify local and remote address
In the OpenVPN site-to-site config we can use IPv6 peers
without IPv4 configurations but "verify()" checks also local and
remote IPv4 addresses that in this case will be empty lists
For example:
set interfaces openvpn vtun2 local-address 2001:db8::1
set interfaces openvpn vtun2 remote-address 2001:db8::2
Check in the commit (v4loAddr == v4remAddr) <= both empty lists
commit
DEBUG: [] == [] or ['2001:db8::2'] == []
So we should also check v4loAddr, v4remAddr, v6loAddr, v6remAddr
are not empty
Diffstat (limited to 'src/conf_mode/ipsec-settings.py')
0 files changed, 0 insertions, 0 deletions