From 9ebf4db1296a0df870a47a32e3f0a66f8da16266 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Wed, 4 Jan 2023 20:12:47 +0100 Subject: ssh: T4922: extend verify() when both source-address and source-interface is used We need to ensure that source-address is assigned on source-interface before applying the configuration, else SSH client will have a hard time talking to someone. (cherry picked from commit d1ef90e1eb51334b99ad716969e17c7f257e1a39) --- src/conf_mode/system-option.py | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'src/conf_mode/system-option.py') diff --git a/src/conf_mode/system-option.py b/src/conf_mode/system-option.py index fcdaa9676..a112c2b6f 100755 --- a/src/conf_mode/system-option.py +++ b/src/conf_mode/system-option.py @@ -26,6 +26,7 @@ from vyos.configverify import verify_source_interface from vyos.template import render from vyos.util import cmd from vyos.validate import is_addr_assigned +from vyos.validate import is_intf_addr_assigned from vyos.xml import defaults from vyos import ConfigError from vyos import airbag @@ -68,10 +69,17 @@ def verify(options): if 'ssh_client' in options: config = options['ssh_client'] if 'source_address' in config: + address = config['source_address'] if not is_addr_assigned(config['source_address']): - raise ConfigError('No interface with give address specified!') + raise ConfigError('No interface with address "{address}" configured!') + if 'source_interface' in config: verify_source_interface(config) + if 'source_address' in config: + address = config['source_address'] + interface = config['source_interface'] + if not is_intf_addr_assigned(interface, address): + raise ConfigError(f'Address "{address}" not assigned on interface "{interface}"!') return None -- cgit v1.2.3