summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--Makefile.am5
-rw-r--r--debian/changelog16
-rwxr-xr-xscripts/vyatta-interfaces.pl66
-rw-r--r--src/common/unionfs.c3
-rw-r--r--src/priority.c132
-rw-r--r--templates/interfaces/ethernet/node.tag/address/node.def17
-rw-r--r--templates/interfaces/ethernet/node.tag/vif/node.tag/address/node.def17
-rw-r--r--templates/interfaces/loopback/node.tag/address/node.def5
8 files changed, 237 insertions, 24 deletions
diff --git a/Makefile.am b/Makefile.am
index 217de7e..14a6cda 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -27,14 +27,15 @@ CLEANFILES = src/cli_parse.c src/cli_parse.h src/cli_def.c src/cli_val.c
LDADD = src/libvyatta-cfg.la
LDADD += /usr/lib/libglib-2.0.la
-
-sbin_PROGRAMS = src/my_commit1
+sbin_PROGRAMS = src/priority
+sbin_PROGRAMS += src/my_commit1
sbin_PROGRAMS += src/my_commit2
sbin_PROGRAMS += src/exe_action
sbin_PROGRAMS += src/dump
sbin_PROGRAMS += src/my_delete
sbin_PROGRAMS += src/my_set
sbin_PROGRAMS += src/check_tmpl
+src_priority_SOURCES = src/priority.c
src_my_commit1_SOURCES = src/commit.c
src_my_commit2_SOURCES = src/commit2.c
src_exe_action_SOURCES = src/exe_action.c
diff --git a/debian/changelog b/debian/changelog
index c13f455..2de3626 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,19 @@
+vyatta-cfg (0.15.17) unstable; urgency=low
+
+ [ Michael Larson ]
+ * fix for ptr magic on 64 bit system. looks like double ptr was
+ getting the missing the last 4 bytes on 64 bit copy.
+ * Priority file generator. This program will iterate over the
+ complete template tree and build the
+
+ [ Bob Gilligan ]
+ * Bugfix 4700, 4269: Fix set and commit-time checks of ethernet
+ address values
+ * Bugfix 4700, 4269: Fix set and commit-time checks for ethernet vif
+ addresses too
+
+ -- Bob Gilligan <gilligan@vyatta.com> Wed, 09 Sep 2009 17:39:26 -0700
+
vyatta-cfg (0.15.16) unstable; urgency=low
* Allow empty description
diff --git a/scripts/vyatta-interfaces.pl b/scripts/vyatta-interfaces.pl
index 567e3b7..0ae5330 100755
--- a/scripts/vyatta-interfaces.pl
+++ b/scripts/vyatta-interfaces.pl
@@ -47,7 +47,7 @@ use warnings;
my $dhcp_daemon = '/sbin/dhclient';
-my ($eth_update, $eth_delete, $addr, $dev, $mac, $mac_update, $op_dhclient);
+my ($eth_update, $eth_delete, $addr_set, @addr_commit, $dev, $mac, $mac_update, $op_dhclient);
my ($check_name, $show_names, $intf_cli_path, $vif_name, $warn_name);
my ($check_up, $show_path);
my @speed_duplex;
@@ -59,7 +59,8 @@ Usage: $0 --dev=<interface> --check=<type>
$0 --dev=<interface> --valid-mac=<aa:aa:aa:aa:aa:aa>
$0 --dev=<interface> --eth-addr-update=<aa:aa:aa:aa:aa:aa>
$0 --dev=<interface> --eth-addr-delete=<aa:aa:aa:aa:aa:aa>
- $0 --dev=<interface> --valid-addr={<a.b.c.d>|dhcp}
+ $0 --dev=<interface> --valid-addr-set={<a.b.c.d>|dhcp}
+ $0 --dev=<interface> --valid-addr-commit={addr1 addr2 ...}
$0 --dev=<interface> --speed-duplex=speed,duplex
$0 --dev=<interface> --path
$0 --dev=<interface> --isup
@@ -70,7 +71,9 @@ EOF
GetOptions("eth-addr-update=s" => \$eth_update,
"eth-addr-delete=s" => \$eth_delete,
- "valid-addr=s" => \$addr,
+ "valid-addr=s" => \$addr_set,
+ "valid-addr-set=s" => \$addr_set,
+ "valid-addr-commit=s{,}" => \@addr_commit,
"dev=s" => \$dev,
"valid-mac=s" => \$mac,
"set-mac=s" => \$mac_update,
@@ -86,7 +89,8 @@ GetOptions("eth-addr-update=s" => \$eth_update,
update_eth_addrs($eth_update, $dev) if ($eth_update);
delete_eth_addrs($eth_delete, $dev) if ($eth_delete);
-is_valid_addr($addr, $dev) if ($addr);
+is_valid_addr_set($addr_set, $dev) if ($addr_set);
+is_valid_addr_commit($dev, @addr_commit) if (@addr_commit);
is_valid_mac($mac, $dev) if ($mac);
update_mac($mac_update, $dev) if ($mac_update);
op_dhcp_command($op_dhclient, $dev) if ($op_dhclient);
@@ -339,7 +343,13 @@ sub is_valid_mac {
exit 0;
}
-sub is_valid_addr {
+# Validate an address parameter at the time the user enters it via
+# a "set" command. This validates the parameter for syntax only.
+# It does not validate it in combination with other parameters.
+# Valid values are: "dhcp", <ipv4-address>/<prefix-len>, or
+# <ipv6-address>/<prefix-len>
+#
+sub is_valid_addr_set {
my ($addr_net, $intf) = @_;
if ($addr_net eq "dhcp") {
@@ -347,14 +357,6 @@ sub is_valid_addr {
print "Error: can't use dhcp client on loopback interface\n";
exit 1;
}
- if (is_dhcp_enabled($intf)) {
- print "Error: dhcp already configured for $intf\n";
- exit 1;
- }
- if (is_address_enabled($intf)) {
- print "Error: remove static addresses before enabling dhcp for $intf\n";
- exit 1;
- }
exit 0;
}
@@ -393,11 +395,6 @@ sub is_valid_addr {
}
}
- if (is_dhcp_enabled($intf)) {
- print "Error: remove dhcp before adding static addresses for $intf\n";
- exit 1;
- }
-
if (is_ip_duplicate($intf, $addr_net)) {
print "Error: duplicate address/prefix [$addr_net]\n";
exit 1;
@@ -417,6 +414,39 @@ sub is_valid_addr {
exit 1;
}
+# Validate the set of address values configured on an interface at commit
+# time. Syntax of address values is checked at set time, so is not
+# checked here. Instead, we check that full set of address address
+# values are consistent. The only rule that we enforce here is that
+# one may not configure an interface with both a DHCP address and a static
+# IPv4 address.
+#
+sub is_valid_addr_commit {
+ my ($intf, @addrs) = @_;
+
+ my $static_v4 = 0;
+ my $dhcp = 0;
+
+ foreach my $addr (@addrs) {
+ if ($addr eq "dhcp") {
+ $dhcp = 1;
+ } else {
+ my $version = is_ip_v4_or_v6($addr);
+ if ($version == 4) {
+ $static_v4 = 1;
+ }
+ }
+ }
+
+ if ($static_v4 == 1 && $dhcp == 1) {
+ printf("Error configuring interface $intf: Can't configure static\n");
+ printf("IPv4 address and DHCP on the same interface.\n");
+ exit 1;
+ }
+
+ exit 0;
+}
+
sub op_dhcp_command {
my ($op_command, $intf) = @_;
diff --git a/src/common/unionfs.c b/src/common/unionfs.c
index 5ef6618..6d71402 100644
--- a/src/common/unionfs.c
+++ b/src/common/unionfs.c
@@ -1039,7 +1039,8 @@ dlist_test_func(GQuark key_id,gpointer data,gpointer user_data)
else {
new_vn = vn;
// strcat(new_vn->_data._path,"/");
- strcat(new_vn->_data._path,"/value");
+ strcat(new_vn->_data._path,"/value:");
+ strcat(new_vn->_data._path,(char*)g_quark_to_string(key_id));
}
new_vn->_data._value = TRUE;
strcpy(new_vn->_data._name,(char*)g_quark_to_string(key_id));
diff --git a/src/priority.c b/src/priority.c
new file mode 100644
index 0000000..3b113f3
--- /dev/null
+++ b/src/priority.c
@@ -0,0 +1,132 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <syslog.h>
+#include <dirent.h>
+#include <sys/time.h>
+#include <string.h>
+
+
+void recurse(char *cur_dir,FILE *out);
+
+/**
+ *
+ *
+ **/
+void
+usage(void)
+{
+ printf("priority: recurses templates and generates priority file\n");
+ printf("\t-h\thelp\n");
+ printf("\t-f\toutput file\n");
+}
+
+
+/**
+ *
+ *
+ **/
+int
+main(int argc, char** argv)
+{
+ int ch;
+ char *filename = NULL;
+
+ //grab inputs
+ while ((ch = getopt(argc, argv, "hf:")) != -1) {
+ switch (ch) {
+ case 'h':
+ usage();
+ exit(0);
+ case 'f':
+ filename = optarg;
+ //GET OUT FILE HERE
+ }
+
+ if (filename == NULL) {
+ strcpy(filename,"priority");
+ }
+
+ FILE *fp = fopen(filename,"w");
+ if (fp == NULL) {
+ printf("cannot open priority file. exiting...\n");
+ }
+
+ char root_dir[2048] = "";
+ recurse(root_dir,fp);
+ fclose(fp);
+ }
+}
+
+
+/**
+ * On each priority node write out location and value and continue recursion
+ *
+ **/
+void
+recurse(char *cur_dir,FILE *out)
+{
+ char root_path[] = "/opt/vyatta/share/vyatta-cfg/templates";
+ char str[2048];
+ //open and scan node.def
+
+ char file[2048];
+ sprintf(file,"%s/%s/node.def",root_path,cur_dir);
+ FILE *fp = fopen(file,"r");
+ // printf("found node.def at: %s\n",file);
+
+ if (fp != NULL) {
+ while (fgets(str, 1024, fp) != 0) {
+ if (strncmp("priority:",str,9) == 0) {
+ //retrieve value and write out...
+
+ const char delimiters[] = " ";
+ char *running;
+ char *token;
+
+ running = strdup(str);
+ token = strsep(&running, delimiters);
+ token = strsep(&running, delimiters);
+
+ unsigned long val = strtoul(token,NULL,10);
+ if (val > 0 && val <= 1000) {
+ fwrite(token,1,strlen(token)-1,out);
+ fwrite(" ",1,1,out);
+
+ //remove fixed path
+ //offset by 1 to remove the leading slash
+ fwrite(cur_dir+1,1,strlen(cur_dir)-1,out);
+ fwrite("\n",1,1,out);
+ }
+ break;
+ }
+ }
+ fclose(fp);
+ }
+
+
+ //now recurse the other directories here.
+ //iterate over directory here
+
+ char path[2048];
+ sprintf(path,"%s/%s",root_path,cur_dir);
+ DIR *dp;
+ if ((dp = opendir(path)) == NULL) {
+ return;
+ }
+
+ //finally iterate over valid child directory entries
+ struct dirent *dirp = NULL;
+ while ((dirp = readdir(dp)) != NULL) {
+ if (strcmp(dirp->d_name, ".") != 0 &&
+ strcmp(dirp->d_name, "..") != 0 &&
+ strcmp(dirp->d_name, "node.def") != 0) {
+ char local_dir[2048];
+ strcpy(local_dir,cur_dir);
+ strcat(local_dir,"/");
+ strcat(local_dir,dirp->d_name);
+ recurse(local_dir,out);
+ }
+ }
+ closedir(dp);
+}
diff --git a/templates/interfaces/ethernet/node.tag/address/node.def b/templates/interfaces/ethernet/node.tag/address/node.def
index dd4d5fa..db87ff0 100644
--- a/templates/interfaces/ethernet/node.tag/address/node.def
+++ b/templates/interfaces/ethernet/node.tag/address/node.def
@@ -1,11 +1,26 @@
multi:
+
type: txt
+
help: Set an IP address for this interface
-syntax:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr $VAR(@) --dev $VAR(../@)"\
+
+# Syntax check at "set" time. Give curent address value to script
+# so that it can perform syntax check.
+#
+syntax:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr-set $VAR(@) --dev $VAR(../@)"\
; "Invalid IP address/prefix [$VAR(@)] for interface $VAR(../@)"
+
+# Syntax check at "commit" time. Pass all address values to script so that
+# it can perform consistency check.
+#
+commit:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr-commit $VAR(@@) --dev $VAR(../@)"
+
create:sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-update $VAR(@) --dev $VAR(../@)
+
delete:sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-delete $VAR(@) --dev $VAR(../@)
+
allowed: echo "dhcp <>"
+
comp_help:Possible completions:
<x.x.x.x/x> Set the IP address and prefix length
<h:h:h:h:h:h:h:h/x> Set the IPv6 address and prefix length
diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/address/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/address/node.def
index 4c93905..a5edef6 100644
--- a/templates/interfaces/ethernet/node.tag/vif/node.tag/address/node.def
+++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/address/node.def
@@ -1,11 +1,26 @@
multi:
+
type: txt
+
help: Set an IP address for this interface
-syntax:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr $VAR(@) --dev $VAR(../../@).$VAR(../@) "\
+
+# Syntax check at "set" time. Give curent address value to script
+# so that it can perform syntax check.
+#
+syntax:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr-set $VAR(@) --dev $VAR(../../@).$VAR(../@) "\
; "Invalid IP address/prefix [$VAR(@)] for interface $VAR(../../@).$VAR(../@)"
+
+# Syntax check at "commit" time. Pass all address values to script so that
+# it can perform consistency check.
+#
+commit:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr-commit $VAR(@@) --dev $VAR(../../@).$VAR(../@)"
+
create:sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-update $VAR(@) --dev $VAR(../../@).$VAR(../@)
+
delete:sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-delete $VAR(@) --dev $VAR(../../@).$VAR(../@)
+
allowed: echo "dhcp <>"
+
comp_help:Possible completions:
<x.x.x.x/x> Set the IP address and prefix length
<h:h:h:h:h:h:h:h/x> Set the IPv6 address and prefix length
diff --git a/templates/interfaces/loopback/node.tag/address/node.def b/templates/interfaces/loopback/node.tag/address/node.def
index 29e8973..76c2e76 100644
--- a/templates/interfaces/loopback/node.tag/address/node.def
+++ b/templates/interfaces/loopback/node.tag/address/node.def
@@ -1,7 +1,10 @@
multi:
+
type: txt
+
help: Set an IP address for this interface
-syntax:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr $VAR(@) --dev $VAR(../@)"; \
+
+syntax:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr-set $VAR(@) --dev $VAR(../@)"; \
"Invalid IP address/prefix [$VAR(@)] for interface $VAR(../@)"
create:expression: "sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-update $VAR(@) --dev $VAR(../@)"; \