diff options
author | Viacheslav Hletenko <v.gletenko@vyos.io> | 2022-09-09 10:38:46 +0000 |
---|---|---|
committer | Viacheslav Hletenko <v.gletenko@vyos.io> | 2022-09-14 13:52:03 +0000 |
commit | f7bab4058d8677079db32bdc2e6c452267b98694 (patch) | |
tree | f35f6d2b99948657c27a017338791cfc6e755cf4 /src/conf_mode/zone_policy.py | |
parent | cb1bbc040b2e655e4ee8a30fbfccfa7dd8612f2f (diff) | |
download | vyos-1x-f7bab4058d8677079db32bdc2e6c452267b98694.tar.gz vyos-1x-f7bab4058d8677079db32bdc2e6c452267b98694.zip |
openvpn: T4679: Fix incorrect verify local and remote address
In the OpenVPN site-to-site config we can use IPv6 peers
without IPv4 configurations but "verify()" checks also local and
remote IPv4 addresses that in this case will be empty lists
For example:
set interfaces openvpn vtun2 local-address 2001:db8::1
set interfaces openvpn vtun2 remote-address 2001:db8::2
Check in the commit (v4loAddr == v4remAddr) <= both empty lists
commit
DEBUG: [] == [] or ['2001:db8::2'] == []
So we should also check v4loAddr, v4remAddr, v6loAddr, v6remAddr
are not empty
Diffstat (limited to 'src/conf_mode/zone_policy.py')
0 files changed, 0 insertions, 0 deletions