diff options
Diffstat (limited to 'src')
| -rwxr-xr-x | src/conf_mode/protocols_rip.py | 11 | ||||
| -rwxr-xr-x | src/migration-scripts/interfaces/18-to-19 | 94 | ||||
| -rwxr-xr-x | src/migration-scripts/rpki/0-to-1 | 7 | ||||
| -rwxr-xr-x | src/migration-scripts/system/18-to-19 | 4 |
4 files changed, 64 insertions, 52 deletions
diff --git a/src/conf_mode/protocols_rip.py b/src/conf_mode/protocols_rip.py index bb3790fb2..06d7c6d49 100755 --- a/src/conf_mode/protocols_rip.py +++ b/src/conf_mode/protocols_rip.py @@ -89,6 +89,16 @@ def verify(rip): if prefix_list_out and prefix_list_out.replace('-','_') not in (dict_search('policy.prefix_list', rip) or []): raise ConfigError(f'Outbound prefix-list "{prefix_list_out}" does not exist!') + if 'interface' in rip: + for interface, interface_options in rip['interface'].items(): + if 'authentication' in interface_options: + if {'md5', 'plaintext_password'} <= set(interface_options['authentication']): + raise ConfigError('Can not use both md5 and plaintext-password at the same time!') + if 'split_horizon' in interface_options: + if {'disable', 'poison_reverse'} <= set(interface_options['split_horizon']): + raise ConfigError(f'You can not have "split-horizon poison-reverse" enabled ' \ + f'with "split-horizon disable" for "{interface}"!') + verify_route_maps(rip) def generate(rip): @@ -106,6 +116,7 @@ def apply(rip): # Save original configuration prior to starting any commit actions frr_cfg = frr.FRRConfig() frr_cfg.load_configuration(frr_daemon) + frr_cfg.modify_section(r'key chain \S+', '') frr_cfg.modify_section(r'interface \S+', '') frr_cfg.modify_section('router rip', '') frr_cfg.add_before(r'(ip prefix-list .*|route-map .*|line vty)', rip['new_frr_config']) diff --git a/src/migration-scripts/interfaces/18-to-19 b/src/migration-scripts/interfaces/18-to-19 index 965b76a04..31e253098 100755 --- a/src/migration-scripts/interfaces/18-to-19 +++ b/src/migration-scripts/interfaces/18-to-19 @@ -18,6 +18,34 @@ from sys import argv from sys import exit from vyos.configtree import ConfigTree +def migrate_ospf(config, path, interface): + path = path + ['ospf'] + if config.exists(path): + new_base = ['protocols', 'ospf', 'interface'] + config.set(new_base) + config.set_tag(new_base) + config.copy(path, new_base + [interface]) + config.delete(path) + + # if "ip ospf" was the only setting, we can clean out the empty + # ip node afterwards + if len(config.list_nodes(path[:-1])) == 0: + config.delete(path[:-1]) + +def migrate_rip(config, path, interface): + path = path + ['rip'] + if config.exists(path): + new_base = ['protocols', 'rip', 'interface'] + config.set(new_base) + config.set_tag(new_base) + config.copy(path, new_base + [interface]) + config.delete(path) + + # if "ip rip" was the only setting, we can clean out the empty + # ip node afterwards + if len(config.list_nodes(path[:-1])) == 0: + config.delete(path[:-1]) + if __name__ == '__main__': if (len(argv) < 1): print("Must specify file name!") @@ -34,64 +62,33 @@ if __name__ == '__main__': # for type in config.list_nodes(['interfaces']): for interface in config.list_nodes(['interfaces', type]): - - ip_ospf = ['interfaces', type, interface, 'ip', 'ospf'] - if config.exists(ip_ospf): - config.set(['protocols', 'ospf', 'interface']) - config.set_tag(['protocols', 'ospf', 'interface']) - config.copy(ip_ospf, ['protocols', 'ospf', 'interface', interface]) - config.delete(ip_ospf) - - # if "ip ospf" was the only setting, we can clean out the empty - # ip node afterwards - if len(config.list_nodes(ip_ospf[:-1])) == 0: - config.delete(ip_ospf[:-1]) + if_base = ['interfaces', type, interface, 'ip'] + migrate_rip(config, if_base, interface) + migrate_ospf(config, if_base, interface) vif_path = ['interfaces', type, interface, 'vif'] if config.exists(vif_path): for vif in config.list_nodes(vif_path): - vif_ospf_path = vif_path + [vif, 'ip', 'ospf'] - if config.exists(vif_ospf_path): - config.set(['protocols', 'ospf', 'interface']) - config.set_tag(['protocols', 'ospf', 'interface']) - config.copy(vif_ospf_path, ['protocols', 'ospf', 'interface', f'{interface}.{vif}']) - config.delete(vif_ospf_path) - - # if "ip ospf" was the only setting, we can clean out the empty - # ip node afterwards - if len(config.list_nodes(vif_ospf_path[:-1])) == 0: - config.delete(vif_ospf_path[:-1]) + vif_if_base = vif_path + [vif, 'ip'] + migrate_rip(config, vif_if_base, f'{interface}.{vif}') + migrate_ospf(config, vif_if_base, f'{interface}.{vif}') vif_s_path = ['interfaces', type, interface, 'vif-s'] if config.exists(vif_s_path): for vif_s in config.list_nodes(vif_s_path): - vif_s_ospf_path = vif_s_path + [vif_s, 'ip', 'ospf'] - if config.exists(vif_s_ospf_path): - config.set(['protocols', 'ospf', 'interface']) - config.set_tag(['protocols', 'ospf', 'interface']) - config.copy(vif_s_ospf_path, ['protocols', 'ospf', 'interface', f'{interface}.{vif_s}']) + vif_s_if_base = vif_s_path + [vif_s, 'ip'] - vif_c_path = ['interfaces', type, interface, 'vif-s', vif_s, 'vif-c'] - if config.exists(vif_c_path): - for vif_c in config.list_nodes(vif_c_path): - vif_c_ospf_path = vif_c_path + [vif_c, 'ip', 'ospf'] - if config.exists(vif_c_ospf_path): - config.set(['protocols', 'ospf', 'interface']) - config.set_tag(['protocols', 'ospf', 'interface']) - config.copy(vif_c_ospf_path, ['protocols', 'ospf', 'interface', f'{interface}.{vif_s}.{vif_c}']) - config.delete(vif_c_ospf_path) + # vif-c interfaces MUST be migrated before their parent vif-s + # interface as the migrate_*() functions delete the path! + vif_c_path = ['interfaces', type, interface, 'vif-s', vif_s, 'vif-c'] + if config.exists(vif_c_path): + for vif_c in config.list_nodes(vif_c_path): + vif_c_if_base = vif_c_path + [vif_c, 'ip'] + migrate_rip(config, vif_c_if_base, f'{interface}.{vif_s}.{vif_c}') + migrate_ospf(config, vif_c_if_base, f'{interface}.{vif_s}.{vif_c}') - # if "ip ospf" was the only setting, we can clean out the empty - # ip node afterwards - if len(config.list_nodes(vif_c_ospf_path[:-1])) == 0: - config.delete(vif_c_ospf_path[:-1]) - - config.delete(vif_s_ospf_path) - - # if "ip ospf" was the only setting, we can clean out the empty - # ip node afterwards - if len(config.list_nodes(vif_s_ospf_path[:-1])) == 0: - config.delete(vif_s_ospf_path[:-1]) + migrate_rip(config, vif_s_if_base, f'{interface}.{vif_s}') + migrate_ospf(config, vif_s_if_base, f'{interface}.{vif_s}') try: with open(file_name, 'w') as f: @@ -99,4 +96,3 @@ if __name__ == '__main__': except OSError as e: print("Failed to save the modified config: {}".format(e)) exit(1) - diff --git a/src/migration-scripts/rpki/0-to-1 b/src/migration-scripts/rpki/0-to-1 index 9058af016..5b4893205 100755 --- a/src/migration-scripts/rpki/0-to-1 +++ b/src/migration-scripts/rpki/0-to-1 @@ -48,7 +48,12 @@ if config.exists(base + ['cache']): # Increase preference for the next caching peer - actually VyOS 1.2 # supported only one but better save then sorry (T3253) preference += 1 - config.rename(base + ['cache', cache], address) + + # T3293: If the RPKI cache name equals the configured address, + # renaming is not possible, as rename expects the new path to not + # exist. + if not config.exists(base + ['cache', address]): + config.rename(base + ['cache', cache], address) try: with open(file_name, 'w') as f: diff --git a/src/migration-scripts/system/18-to-19 b/src/migration-scripts/system/18-to-19 index dd2abce00..fd0e15d42 100755 --- a/src/migration-scripts/system/18-to-19 +++ b/src/migration-scripts/system/18-to-19 @@ -80,8 +80,8 @@ else: dhcp_interfaces.append(f'{intf}.{vif_s}') # try vif-c - if config.exists(intf_base + ['vif-c', vif_c]): - for vif_c in config.list_nodes(vif_s_base + ['vif-c', vif_c]): + if config.exists(intf_base + ['vif-c']): + for vif_c in config.list_nodes(vif_s_base + ['vif-c']): vif_c_base = vif_s_base + ['vif-c', vif_c] if config.exists(vif_c_base + ['address']): for addr in config.return_values(vif_c_base + ['address']): |