From a81104c11d5f14e9cb2c0eaf2a75eaf86f667ce7 Mon Sep 17 00:00:00 2001 From: hagbard Date: Fri, 24 Aug 2018 16:17:27 -0700 Subject: T791: endpoint pattern doesn't need to be checked, wg returns an error message if it's not IP:port --- src/conf_mode/wireguard.py | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) (limited to 'src') diff --git a/src/conf_mode/wireguard.py b/src/conf_mode/wireguard.py index 8d76ab105..f90379f53 100755 --- a/src/conf_mode/wireguard.py +++ b/src/conf_mode/wireguard.py @@ -133,14 +133,13 @@ def verify(c): raise ConfigError("address required for interface " + i) if not c['interfaces'][i]['peer']: raise ConfigError("peer required on interface " + i) - else: - for p in c['interfaces'][i]['peer']: - if not c['interfaces'][i]['peer'][p]['allowed-ips']: - raise ConfigError("allowed-ips required on interface " + i + " for peer " + p) - if not c['interfaces'][i]['peer'][p]['pubkey']: - raise ConfigError("pubkey from your peer is mandatory on " + i + " for peer " + p) - ### endpoint needs to be IP:port, mabey verify it here, but consider IPv6 in the pattern + for p in c['interfaces'][i]['peer']: + if not c['interfaces'][i]['peer'][p]['allowed-ips']: + raise ConfigError("allowed-ips required on interface " + i + " for peer " + p) + if not c['interfaces'][i]['peer'][p]['pubkey']: + raise ConfigError("pubkey from your peer is mandatory on " + i + " for peer " + p) + def apply(c): ### no wg config left, delete all wireguard devices on the os -- cgit v1.2.3