From 4caf959577c2b4351ba45f71dcaee55484970430 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Fri, 3 Nov 2017 14:58:17 +0100 Subject: T281: Add https support to the load command --- etc/bash_completion.d/vyatta-cfg | 1 + scripts/vyatta-load-config.pl | 12 ++++++------ 2 files changed, 7 insertions(+), 6 deletions(-) diff --git a/etc/bash_completion.d/vyatta-cfg b/etc/bash_completion.d/vyatta-cfg index 22f9dd3..7e37e74 100755 --- a/etc/bash_completion.d/vyatta-cfg +++ b/etc/bash_completion.d/vyatta-cfg @@ -198,6 +198,7 @@ vyatta_loadsave_complete() echo -e " sftp://:@/\tLoad from file on remote machine" echo -e " ftp://:@/\tLoad from file on remote machine" echo -e " http:///\t\t\tLoad from file on remote machine" + echo -e " https:///\t\t\tLoad from file on remote machine" echo -e " tftp:///\t\t\tLoad from file on remote machine" elif [ "$command" = "merge" ]; then echo -e " \t\t\t\tMerge from system config file" diff --git a/scripts/vyatta-load-config.pl b/scripts/vyatta-load-config.pl index 517b7ff..de6d9ab 100755 --- a/scripts/vyatta-load-config.pl +++ b/scripts/vyatta-load-config.pl @@ -75,11 +75,12 @@ if ( $load_file =~ /^[^\/]\w+:\// ) { if ( $load_file =~ /^(\w+):\/\/\w/ ) { $mode = 'url'; $proto = lc($1); - unless( $proto eq 'tftp' || - $proto eq 'ftp' || - $proto eq 'http' || - $proto eq 'scp' || - $proto eq 'sftp' ) { + unless( $proto eq 'tftp' || + $proto eq 'ftp' || + $proto eq 'http' || + $proto eq 'https' || + $proto eq 'scp' || + $proto eq 'sftp' ) { die "Invalid url protocol [$proto]\n"; } } else { @@ -104,7 +105,6 @@ elsif ( $mode eq 'url' ) { exit 1; } if ( $proto eq 'http' ) { - # # error codes are send back in html, so 1st try a header # and look for "HTTP/1.1 200 OK" -- cgit v1.2.3 From 26dcf310dc70cd25ad80249edf895560dec8f72f Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Fri, 3 Nov 2017 16:45:01 +0100 Subject: T281: Validate error codes for 'http' and 'https' --- scripts/vyatta-load-config.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/vyatta-load-config.pl b/scripts/vyatta-load-config.pl index de6d9ab..1ffadcd 100755 --- a/scripts/vyatta-load-config.pl +++ b/scripts/vyatta-load-config.pl @@ -104,7 +104,7 @@ elsif ( $mode eq 'url' ) { print "Package [curl] not installed\n"; exit 1; } - if ( $proto eq 'http' ) { + if ( $proto eq 'http' or $proto eq 'https' ) { # # error codes are send back in html, so 1st try a header # and look for "HTTP/1.1 200 OK" -- cgit v1.2.3 From f051e369456abe92272da77ab5831d541e1eface Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Fri, 3 Nov 2017 16:45:38 +0100 Subject: T281: Support 'http' permanent redirects (code 301) This enables fetching a VyOS config from a http://foo/bar URL even when http://foo/bar is a permanent redirect to https://foo/bar. --- scripts/vyatta-load-config.pl | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/scripts/vyatta-load-config.pl b/scripts/vyatta-load-config.pl index 1ffadcd..c52851c 100755 --- a/scripts/vyatta-load-config.pl +++ b/scripts/vyatta-load-config.pl @@ -107,15 +107,14 @@ elsif ( $mode eq 'url' ) { if ( $proto eq 'http' or $proto eq 'https' ) { # # error codes are send back in html, so 1st try a header - # and look for "HTTP/1.1 200 OK" + # and look for "HTTP/1.1 200 OK" or "HTTP/1.1 301 Moved Permanently" # - my $rc = `curl -q -I $load_file 2>&1`; + my $rc = `curl -L -q -I $load_file 2>&1`; if ( $rc =~ /HTTP\/\d+\.?\d\s+(\d+)\s+(.*)$/mi ) { my $rc_code = $1; my $rc_string = $2; - if ( $rc_code == 200 ) { - - # good resonse + if ( $rc_code == 200 or $rc_code == 301 ) { + # good response } else { print "http error: [$rc_code] $rc_string\n"; -- cgit v1.2.3