diff options
-rw-r--r-- | Makefile.am | 5 | ||||
-rw-r--r-- | debian/changelog | 16 | ||||
-rwxr-xr-x | scripts/vyatta-interfaces.pl | 66 | ||||
-rw-r--r-- | src/common/unionfs.c | 3 | ||||
-rw-r--r-- | src/priority.c | 132 | ||||
-rw-r--r-- | templates/interfaces/ethernet/node.tag/address/node.def | 17 | ||||
-rw-r--r-- | templates/interfaces/ethernet/node.tag/vif/node.tag/address/node.def | 17 | ||||
-rw-r--r-- | templates/interfaces/loopback/node.tag/address/node.def | 5 |
8 files changed, 237 insertions, 24 deletions
diff --git a/Makefile.am b/Makefile.am index 217de7e..14a6cda 100644 --- a/Makefile.am +++ b/Makefile.am @@ -27,14 +27,15 @@ CLEANFILES = src/cli_parse.c src/cli_parse.h src/cli_def.c src/cli_val.c LDADD = src/libvyatta-cfg.la LDADD += /usr/lib/libglib-2.0.la - -sbin_PROGRAMS = src/my_commit1 +sbin_PROGRAMS = src/priority +sbin_PROGRAMS += src/my_commit1 sbin_PROGRAMS += src/my_commit2 sbin_PROGRAMS += src/exe_action sbin_PROGRAMS += src/dump sbin_PROGRAMS += src/my_delete sbin_PROGRAMS += src/my_set sbin_PROGRAMS += src/check_tmpl +src_priority_SOURCES = src/priority.c src_my_commit1_SOURCES = src/commit.c src_my_commit2_SOURCES = src/commit2.c src_exe_action_SOURCES = src/exe_action.c diff --git a/debian/changelog b/debian/changelog index c13f455..2de3626 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,19 @@ +vyatta-cfg (0.15.17) unstable; urgency=low + + [ Michael Larson ] + * fix for ptr magic on 64 bit system. looks like double ptr was + getting the missing the last 4 bytes on 64 bit copy. + * Priority file generator. This program will iterate over the + complete template tree and build the + + [ Bob Gilligan ] + * Bugfix 4700, 4269: Fix set and commit-time checks of ethernet + address values + * Bugfix 4700, 4269: Fix set and commit-time checks for ethernet vif + addresses too + + -- Bob Gilligan <gilligan@vyatta.com> Wed, 09 Sep 2009 17:39:26 -0700 + vyatta-cfg (0.15.16) unstable; urgency=low * Allow empty description diff --git a/scripts/vyatta-interfaces.pl b/scripts/vyatta-interfaces.pl index 567e3b7..0ae5330 100755 --- a/scripts/vyatta-interfaces.pl +++ b/scripts/vyatta-interfaces.pl @@ -47,7 +47,7 @@ use warnings; my $dhcp_daemon = '/sbin/dhclient'; -my ($eth_update, $eth_delete, $addr, $dev, $mac, $mac_update, $op_dhclient); +my ($eth_update, $eth_delete, $addr_set, @addr_commit, $dev, $mac, $mac_update, $op_dhclient); my ($check_name, $show_names, $intf_cli_path, $vif_name, $warn_name); my ($check_up, $show_path); my @speed_duplex; @@ -59,7 +59,8 @@ Usage: $0 --dev=<interface> --check=<type> $0 --dev=<interface> --valid-mac=<aa:aa:aa:aa:aa:aa> $0 --dev=<interface> --eth-addr-update=<aa:aa:aa:aa:aa:aa> $0 --dev=<interface> --eth-addr-delete=<aa:aa:aa:aa:aa:aa> - $0 --dev=<interface> --valid-addr={<a.b.c.d>|dhcp} + $0 --dev=<interface> --valid-addr-set={<a.b.c.d>|dhcp} + $0 --dev=<interface> --valid-addr-commit={addr1 addr2 ...} $0 --dev=<interface> --speed-duplex=speed,duplex $0 --dev=<interface> --path $0 --dev=<interface> --isup @@ -70,7 +71,9 @@ EOF GetOptions("eth-addr-update=s" => \$eth_update, "eth-addr-delete=s" => \$eth_delete, - "valid-addr=s" => \$addr, + "valid-addr=s" => \$addr_set, + "valid-addr-set=s" => \$addr_set, + "valid-addr-commit=s{,}" => \@addr_commit, "dev=s" => \$dev, "valid-mac=s" => \$mac, "set-mac=s" => \$mac_update, @@ -86,7 +89,8 @@ GetOptions("eth-addr-update=s" => \$eth_update, update_eth_addrs($eth_update, $dev) if ($eth_update); delete_eth_addrs($eth_delete, $dev) if ($eth_delete); -is_valid_addr($addr, $dev) if ($addr); +is_valid_addr_set($addr_set, $dev) if ($addr_set); +is_valid_addr_commit($dev, @addr_commit) if (@addr_commit); is_valid_mac($mac, $dev) if ($mac); update_mac($mac_update, $dev) if ($mac_update); op_dhcp_command($op_dhclient, $dev) if ($op_dhclient); @@ -339,7 +343,13 @@ sub is_valid_mac { exit 0; } -sub is_valid_addr { +# Validate an address parameter at the time the user enters it via +# a "set" command. This validates the parameter for syntax only. +# It does not validate it in combination with other parameters. +# Valid values are: "dhcp", <ipv4-address>/<prefix-len>, or +# <ipv6-address>/<prefix-len> +# +sub is_valid_addr_set { my ($addr_net, $intf) = @_; if ($addr_net eq "dhcp") { @@ -347,14 +357,6 @@ sub is_valid_addr { print "Error: can't use dhcp client on loopback interface\n"; exit 1; } - if (is_dhcp_enabled($intf)) { - print "Error: dhcp already configured for $intf\n"; - exit 1; - } - if (is_address_enabled($intf)) { - print "Error: remove static addresses before enabling dhcp for $intf\n"; - exit 1; - } exit 0; } @@ -393,11 +395,6 @@ sub is_valid_addr { } } - if (is_dhcp_enabled($intf)) { - print "Error: remove dhcp before adding static addresses for $intf\n"; - exit 1; - } - if (is_ip_duplicate($intf, $addr_net)) { print "Error: duplicate address/prefix [$addr_net]\n"; exit 1; @@ -417,6 +414,39 @@ sub is_valid_addr { exit 1; } +# Validate the set of address values configured on an interface at commit +# time. Syntax of address values is checked at set time, so is not +# checked here. Instead, we check that full set of address address +# values are consistent. The only rule that we enforce here is that +# one may not configure an interface with both a DHCP address and a static +# IPv4 address. +# +sub is_valid_addr_commit { + my ($intf, @addrs) = @_; + + my $static_v4 = 0; + my $dhcp = 0; + + foreach my $addr (@addrs) { + if ($addr eq "dhcp") { + $dhcp = 1; + } else { + my $version = is_ip_v4_or_v6($addr); + if ($version == 4) { + $static_v4 = 1; + } + } + } + + if ($static_v4 == 1 && $dhcp == 1) { + printf("Error configuring interface $intf: Can't configure static\n"); + printf("IPv4 address and DHCP on the same interface.\n"); + exit 1; + } + + exit 0; +} + sub op_dhcp_command { my ($op_command, $intf) = @_; diff --git a/src/common/unionfs.c b/src/common/unionfs.c index 5ef6618..6d71402 100644 --- a/src/common/unionfs.c +++ b/src/common/unionfs.c @@ -1039,7 +1039,8 @@ dlist_test_func(GQuark key_id,gpointer data,gpointer user_data) else { new_vn = vn; // strcat(new_vn->_data._path,"/"); - strcat(new_vn->_data._path,"/value"); + strcat(new_vn->_data._path,"/value:"); + strcat(new_vn->_data._path,(char*)g_quark_to_string(key_id)); } new_vn->_data._value = TRUE; strcpy(new_vn->_data._name,(char*)g_quark_to_string(key_id)); diff --git a/src/priority.c b/src/priority.c new file mode 100644 index 0000000..3b113f3 --- /dev/null +++ b/src/priority.c @@ -0,0 +1,132 @@ +#include <stdio.h> +#include <stdlib.h> +#include <unistd.h> +#include <syslog.h> +#include <dirent.h> +#include <sys/time.h> +#include <string.h> + + +void recurse(char *cur_dir,FILE *out); + +/** + * + * + **/ +void +usage(void) +{ + printf("priority: recurses templates and generates priority file\n"); + printf("\t-h\thelp\n"); + printf("\t-f\toutput file\n"); +} + + +/** + * + * + **/ +int +main(int argc, char** argv) +{ + int ch; + char *filename = NULL; + + //grab inputs + while ((ch = getopt(argc, argv, "hf:")) != -1) { + switch (ch) { + case 'h': + usage(); + exit(0); + case 'f': + filename = optarg; + //GET OUT FILE HERE + } + + if (filename == NULL) { + strcpy(filename,"priority"); + } + + FILE *fp = fopen(filename,"w"); + if (fp == NULL) { + printf("cannot open priority file. exiting...\n"); + } + + char root_dir[2048] = ""; + recurse(root_dir,fp); + fclose(fp); + } +} + + +/** + * On each priority node write out location and value and continue recursion + * + **/ +void +recurse(char *cur_dir,FILE *out) +{ + char root_path[] = "/opt/vyatta/share/vyatta-cfg/templates"; + char str[2048]; + //open and scan node.def + + char file[2048]; + sprintf(file,"%s/%s/node.def",root_path,cur_dir); + FILE *fp = fopen(file,"r"); + // printf("found node.def at: %s\n",file); + + if (fp != NULL) { + while (fgets(str, 1024, fp) != 0) { + if (strncmp("priority:",str,9) == 0) { + //retrieve value and write out... + + const char delimiters[] = " "; + char *running; + char *token; + + running = strdup(str); + token = strsep(&running, delimiters); + token = strsep(&running, delimiters); + + unsigned long val = strtoul(token,NULL,10); + if (val > 0 && val <= 1000) { + fwrite(token,1,strlen(token)-1,out); + fwrite(" ",1,1,out); + + //remove fixed path + //offset by 1 to remove the leading slash + fwrite(cur_dir+1,1,strlen(cur_dir)-1,out); + fwrite("\n",1,1,out); + } + break; + } + } + fclose(fp); + } + + + //now recurse the other directories here. + //iterate over directory here + + char path[2048]; + sprintf(path,"%s/%s",root_path,cur_dir); + DIR *dp; + if ((dp = opendir(path)) == NULL) { + return; + } + + //finally iterate over valid child directory entries + struct dirent *dirp = NULL; + while ((dirp = readdir(dp)) != NULL) { + if (strcmp(dirp->d_name, ".") != 0 && + strcmp(dirp->d_name, "..") != 0 && + strcmp(dirp->d_name, "node.def") != 0) { + char local_dir[2048]; + strcpy(local_dir,cur_dir); + strcat(local_dir,"/"); + strcat(local_dir,dirp->d_name); + recurse(local_dir,out); + } + } + closedir(dp); +} diff --git a/templates/interfaces/ethernet/node.tag/address/node.def b/templates/interfaces/ethernet/node.tag/address/node.def index dd4d5fa..db87ff0 100644 --- a/templates/interfaces/ethernet/node.tag/address/node.def +++ b/templates/interfaces/ethernet/node.tag/address/node.def @@ -1,11 +1,26 @@ multi: + type: txt + help: Set an IP address for this interface -syntax:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr $VAR(@) --dev $VAR(../@)"\ + +# Syntax check at "set" time. Give curent address value to script +# so that it can perform syntax check. +# +syntax:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr-set $VAR(@) --dev $VAR(../@)"\ ; "Invalid IP address/prefix [$VAR(@)] for interface $VAR(../@)" + +# Syntax check at "commit" time. Pass all address values to script so that +# it can perform consistency check. +# +commit:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr-commit $VAR(@@) --dev $VAR(../@)" + create:sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-update $VAR(@) --dev $VAR(../@) + delete:sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-delete $VAR(@) --dev $VAR(../@) + allowed: echo "dhcp <>" + comp_help:Possible completions: <x.x.x.x/x> Set the IP address and prefix length <h:h:h:h:h:h:h:h/x> Set the IPv6 address and prefix length diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/address/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/address/node.def index 4c93905..a5edef6 100644 --- a/templates/interfaces/ethernet/node.tag/vif/node.tag/address/node.def +++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/address/node.def @@ -1,11 +1,26 @@ multi: + type: txt + help: Set an IP address for this interface -syntax:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr $VAR(@) --dev $VAR(../../@).$VAR(../@) "\ + +# Syntax check at "set" time. Give curent address value to script +# so that it can perform syntax check. +# +syntax:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr-set $VAR(@) --dev $VAR(../../@).$VAR(../@) "\ ; "Invalid IP address/prefix [$VAR(@)] for interface $VAR(../../@).$VAR(../@)" + +# Syntax check at "commit" time. Pass all address values to script so that +# it can perform consistency check. +# +commit:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr-commit $VAR(@@) --dev $VAR(../../@).$VAR(../@)" + create:sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-update $VAR(@) --dev $VAR(../../@).$VAR(../@) + delete:sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-delete $VAR(@) --dev $VAR(../../@).$VAR(../@) + allowed: echo "dhcp <>" + comp_help:Possible completions: <x.x.x.x/x> Set the IP address and prefix length <h:h:h:h:h:h:h:h/x> Set the IPv6 address and prefix length diff --git a/templates/interfaces/loopback/node.tag/address/node.def b/templates/interfaces/loopback/node.tag/address/node.def index 29e8973..76c2e76 100644 --- a/templates/interfaces/loopback/node.tag/address/node.def +++ b/templates/interfaces/loopback/node.tag/address/node.def @@ -1,7 +1,10 @@ multi: + type: txt + help: Set an IP address for this interface -syntax:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr $VAR(@) --dev $VAR(../@)"; \ + +syntax:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr-set $VAR(@) --dev $VAR(../@)"; \ "Invalid IP address/prefix [$VAR(@)] for interface $VAR(../@)" create:expression: "sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-update $VAR(@) --dev $VAR(../@)"; \ |