From 028e8e12c5e15efc0a316641f2b02e46d5c77210 Mon Sep 17 00:00:00 2001 From: Michael Larson Date: Mon, 6 Jul 2009 17:44:29 -0700 Subject: fix for ptr magic on 64 bit system. looks like double ptr was getting the missing the last 4 bytes on 64 bit copy. --- src/commit2.c | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/src/commit2.c b/src/commit2.c index 5f70aa4..a324bab 100644 --- a/src/commit2.c +++ b/src/commit2.c @@ -943,7 +943,7 @@ validate_configuration(GNode *root_node, boolean mode, GSList **nodes_visited_co struct Result result; result._err_code = 0; result._mode = (int)mode; - result._data = (void*)nodes_visited_coll; + result._data = (void*)*nodes_visited_coll; //handles both syntax and commit result._action = syntax_act; @@ -963,7 +963,7 @@ validate_configuration(GNode *root_node, boolean mode, GSList **nodes_visited_co } GList **c_tmp = (GList**)result._data; - *nodes_visited_coll = (GSList*)*c_tmp; + *nodes_visited_coll = (GSList*)c_tmp; return TRUE; } @@ -985,8 +985,7 @@ validate_func(GNode *node, gpointer data) struct Result *result = (struct Result*)data; //since this visits all working nodes, let's maintain a set of nodes to commit - GList **c_tmp = (GList**)result->_data; - GList *coll = *c_tmp; + GList *coll = (GList*)result->_data; if (d->_path != NULL) { char *buf = malloc(MAX_LENGTH_DIR_PATH*sizeof(char)); if (IS_DELETE(d->_operation)) { @@ -996,7 +995,7 @@ validate_func(GNode *node, gpointer data) strcat(buf,val); } coll = g_slist_append(coll,buf); - result->_data = (void*)&coll; + result->_data = (void*)coll; } else if (IS_SET_OR_CREATE(d->_operation)) { sprintf(buf,"+ %s",d->_path); @@ -1005,7 +1004,7 @@ validate_func(GNode *node, gpointer data) strcat(buf,val); } coll = g_slist_append(coll,buf); - result->_data = (void*)&coll; + result->_data = (void*)coll; } } -- cgit v1.2.3 From 09a684d6481868b501e5fb2df579ff6216dd111c Mon Sep 17 00:00:00 2001 From: Michael Larson Date: Wed, 9 Sep 2009 16:27:42 -0700 Subject: Priority file generator. This program will iterate over the complete template tree and build the priority file from "priority: val" tags found in node.def files. This will now allow us to migrate the priority statements found to the specified nodes. Currently the program does not order the priority nodes according to values (cosmetic feature). Finally once all the priority values have been migrated to the infected node.defs the priority program can be added as a postinst hook on debian package install. --- Makefile.am | 5 ++- src/priority.c | 132 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 135 insertions(+), 2 deletions(-) create mode 100644 src/priority.c diff --git a/Makefile.am b/Makefile.am index 217de7e..14a6cda 100644 --- a/Makefile.am +++ b/Makefile.am @@ -27,14 +27,15 @@ CLEANFILES = src/cli_parse.c src/cli_parse.h src/cli_def.c src/cli_val.c LDADD = src/libvyatta-cfg.la LDADD += /usr/lib/libglib-2.0.la - -sbin_PROGRAMS = src/my_commit1 +sbin_PROGRAMS = src/priority +sbin_PROGRAMS += src/my_commit1 sbin_PROGRAMS += src/my_commit2 sbin_PROGRAMS += src/exe_action sbin_PROGRAMS += src/dump sbin_PROGRAMS += src/my_delete sbin_PROGRAMS += src/my_set sbin_PROGRAMS += src/check_tmpl +src_priority_SOURCES = src/priority.c src_my_commit1_SOURCES = src/commit.c src_my_commit2_SOURCES = src/commit2.c src_exe_action_SOURCES = src/exe_action.c diff --git a/src/priority.c b/src/priority.c new file mode 100644 index 0000000..3b113f3 --- /dev/null +++ b/src/priority.c @@ -0,0 +1,132 @@ +#include +#include +#include +#include +#include +#include +#include + + +void recurse(char *cur_dir,FILE *out); + +/** + * + * + **/ +void +usage(void) +{ + printf("priority: recurses templates and generates priority file\n"); + printf("\t-h\thelp\n"); + printf("\t-f\toutput file\n"); +} + + +/** + * + * + **/ +int +main(int argc, char** argv) +{ + int ch; + char *filename = NULL; + + //grab inputs + while ((ch = getopt(argc, argv, "hf:")) != -1) { + switch (ch) { + case 'h': + usage(); + exit(0); + case 'f': + filename = optarg; + //GET OUT FILE HERE + } + + if (filename == NULL) { + strcpy(filename,"priority"); + } + + FILE *fp = fopen(filename,"w"); + if (fp == NULL) { + printf("cannot open priority file. exiting...\n"); + } + + char root_dir[2048] = ""; + recurse(root_dir,fp); + fclose(fp); + } +} + + +/** + * On each priority node write out location and value and continue recursion + * + **/ +void +recurse(char *cur_dir,FILE *out) +{ + char root_path[] = "/opt/vyatta/share/vyatta-cfg/templates"; + char str[2048]; + //open and scan node.def + + char file[2048]; + sprintf(file,"%s/%s/node.def",root_path,cur_dir); + FILE *fp = fopen(file,"r"); + // printf("found node.def at: %s\n",file); + + if (fp != NULL) { + while (fgets(str, 1024, fp) != 0) { + if (strncmp("priority:",str,9) == 0) { + //retrieve value and write out... + + const char delimiters[] = " "; + char *running; + char *token; + + running = strdup(str); + token = strsep(&running, delimiters); + token = strsep(&running, delimiters); + + unsigned long val = strtoul(token,NULL,10); + if (val > 0 && val <= 1000) { + fwrite(token,1,strlen(token)-1,out); + fwrite(" ",1,1,out); + + //remove fixed path + //offset by 1 to remove the leading slash + fwrite(cur_dir+1,1,strlen(cur_dir)-1,out); + fwrite("\n",1,1,out); + } + break; + } + } + fclose(fp); + } + + + //now recurse the other directories here. + //iterate over directory here + + char path[2048]; + sprintf(path,"%s/%s",root_path,cur_dir); + DIR *dp; + if ((dp = opendir(path)) == NULL) { + return; + } + + //finally iterate over valid child directory entries + struct dirent *dirp = NULL; + while ((dirp = readdir(dp)) != NULL) { + if (strcmp(dirp->d_name, ".") != 0 && + strcmp(dirp->d_name, "..") != 0 && + strcmp(dirp->d_name, "node.def") != 0) { + char local_dir[2048]; + strcpy(local_dir,cur_dir); + strcat(local_dir,"/"); + strcat(local_dir,dirp->d_name); + recurse(local_dir,out); + } + } + closedir(dp); +} -- cgit v1.2.3 From 84fb2f920765c6d02f35ef1654dc0f8c2bef648c Mon Sep 17 00:00:00 2001 From: Bob Gilligan Date: Wed, 9 Sep 2009 17:08:21 -0700 Subject: Bugfix 4700, 4269: Fix set and commit-time checks of ethernet address values Changed the the set-time and commit-time check of ethernet interface address values. These checks need to prevent configuring both DHCP and static IPv4 addresses on the same interfac. The previous checks were comparing against the running configuration tree, not the proposed config tree. Now the set-time check is purely a syntax check, and the commit-time check only checks for both DHCP and static IPv4 addresses in the proposed config. The system now allows DHCP and static IPv6 addresses to be configured on the same interface. --- scripts/vyatta-interfaces.pl | 65 ++++++++++++++++------ .../interfaces/ethernet/node.tag/address/node.def | 17 +++++- 2 files changed, 63 insertions(+), 19 deletions(-) diff --git a/scripts/vyatta-interfaces.pl b/scripts/vyatta-interfaces.pl index 567e3b7..ac690c5 100755 --- a/scripts/vyatta-interfaces.pl +++ b/scripts/vyatta-interfaces.pl @@ -47,7 +47,7 @@ use warnings; my $dhcp_daemon = '/sbin/dhclient'; -my ($eth_update, $eth_delete, $addr, $dev, $mac, $mac_update, $op_dhclient); +my ($eth_update, $eth_delete, $addr_set, @addr_commit, $dev, $mac, $mac_update, $op_dhclient); my ($check_name, $show_names, $intf_cli_path, $vif_name, $warn_name); my ($check_up, $show_path); my @speed_duplex; @@ -59,7 +59,8 @@ Usage: $0 --dev= --check= $0 --dev= --valid-mac= $0 --dev= --eth-addr-update= $0 --dev= --eth-addr-delete= - $0 --dev= --valid-addr={|dhcp} + $0 --dev= --valid-addr-set={|dhcp} + $0 --dev= --valid-addr-commit={addr1 addr2 ...} $0 --dev= --speed-duplex=speed,duplex $0 --dev= --path $0 --dev= --isup @@ -70,7 +71,8 @@ EOF GetOptions("eth-addr-update=s" => \$eth_update, "eth-addr-delete=s" => \$eth_delete, - "valid-addr=s" => \$addr, + "valid-addr-set=s" => \$addr_set, + "valid-addr-commit=s{,}" => \@addr_commit, "dev=s" => \$dev, "valid-mac=s" => \$mac, "set-mac=s" => \$mac_update, @@ -86,7 +88,8 @@ GetOptions("eth-addr-update=s" => \$eth_update, update_eth_addrs($eth_update, $dev) if ($eth_update); delete_eth_addrs($eth_delete, $dev) if ($eth_delete); -is_valid_addr($addr, $dev) if ($addr); +is_valid_addr_set($addr_set, $dev) if ($addr_set); +is_valid_addr_commit($dev, @addr_commit) if (@addr_commit); is_valid_mac($mac, $dev) if ($mac); update_mac($mac_update, $dev) if ($mac_update); op_dhcp_command($op_dhclient, $dev) if ($op_dhclient); @@ -339,7 +342,13 @@ sub is_valid_mac { exit 0; } -sub is_valid_addr { +# Validate an address parameter at the time the user enters it via +# a "set" command. This validates the parameter for syntax only. +# It does not validate it in combination with other parameters. +# Valid values are: "dhcp", /, or +# / +# +sub is_valid_addr_set { my ($addr_net, $intf) = @_; if ($addr_net eq "dhcp") { @@ -347,14 +356,6 @@ sub is_valid_addr { print "Error: can't use dhcp client on loopback interface\n"; exit 1; } - if (is_dhcp_enabled($intf)) { - print "Error: dhcp already configured for $intf\n"; - exit 1; - } - if (is_address_enabled($intf)) { - print "Error: remove static addresses before enabling dhcp for $intf\n"; - exit 1; - } exit 0; } @@ -393,11 +394,6 @@ sub is_valid_addr { } } - if (is_dhcp_enabled($intf)) { - print "Error: remove dhcp before adding static addresses for $intf\n"; - exit 1; - } - if (is_ip_duplicate($intf, $addr_net)) { print "Error: duplicate address/prefix [$addr_net]\n"; exit 1; @@ -417,6 +413,39 @@ sub is_valid_addr { exit 1; } +# Validate the set of address values configured on an interface at commit +# time. Syntax of address values is checked at set time, so is not +# checked here. Instead, we check that full set of address address +# values are consistent. The only rule that we enforce here is that +# one may not configure an interface with both a DHCP address and a static +# IPv4 address. +# +sub is_valid_addr_commit { + my ($intf, @addrs) = @_; + + my $static_v4 = 0; + my $dhcp = 0; + + foreach my $addr (@addrs) { + if ($addr eq "dhcp") { + $dhcp = 1; + } else { + my $version = is_ip_v4_or_v6($addr); + if ($version == 4) { + $static_v4 = 1; + } + } + } + + if ($static_v4 == 1 && $dhcp == 1) { + printf("Error configuring interface $intf: Can't configure static\n"); + printf("IPv4 address and DHCP on the same interface.\n"); + exit 1; + } + + exit 0; +} + sub op_dhcp_command { my ($op_command, $intf) = @_; diff --git a/templates/interfaces/ethernet/node.tag/address/node.def b/templates/interfaces/ethernet/node.tag/address/node.def index dd4d5fa..db87ff0 100644 --- a/templates/interfaces/ethernet/node.tag/address/node.def +++ b/templates/interfaces/ethernet/node.tag/address/node.def @@ -1,11 +1,26 @@ multi: + type: txt + help: Set an IP address for this interface -syntax:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr $VAR(@) --dev $VAR(../@)"\ + +# Syntax check at "set" time. Give curent address value to script +# so that it can perform syntax check. +# +syntax:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr-set $VAR(@) --dev $VAR(../@)"\ ; "Invalid IP address/prefix [$VAR(@)] for interface $VAR(../@)" + +# Syntax check at "commit" time. Pass all address values to script so that +# it can perform consistency check. +# +commit:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr-commit $VAR(@@) --dev $VAR(../@)" + create:sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-update $VAR(@) --dev $VAR(../@) + delete:sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-delete $VAR(@) --dev $VAR(../@) + allowed: echo "dhcp <>" + comp_help:Possible completions: Set the IP address and prefix length Set the IPv6 address and prefix length -- cgit v1.2.3 From d32ceb43ab64530c6eca81ec83fe4b374dd510d0 Mon Sep 17 00:00:00 2001 From: Bob Gilligan Date: Wed, 9 Sep 2009 17:38:00 -0700 Subject: Bugfix 4700, 4269: Fix set and commit-time checks for ethernet vif addresses too Also restore "--valid-addr" flag to vyatta-interfaces.pl since it is used outside this package. --- scripts/vyatta-interfaces.pl | 1 + .../ethernet/node.tag/vif/node.tag/address/node.def | 17 ++++++++++++++++- templates/interfaces/loopback/node.tag/address/node.def | 5 ++++- 3 files changed, 21 insertions(+), 2 deletions(-) diff --git a/scripts/vyatta-interfaces.pl b/scripts/vyatta-interfaces.pl index ac690c5..0ae5330 100755 --- a/scripts/vyatta-interfaces.pl +++ b/scripts/vyatta-interfaces.pl @@ -71,6 +71,7 @@ EOF GetOptions("eth-addr-update=s" => \$eth_update, "eth-addr-delete=s" => \$eth_delete, + "valid-addr=s" => \$addr_set, "valid-addr-set=s" => \$addr_set, "valid-addr-commit=s{,}" => \@addr_commit, "dev=s" => \$dev, diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/address/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/address/node.def index 4c93905..a5edef6 100644 --- a/templates/interfaces/ethernet/node.tag/vif/node.tag/address/node.def +++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/address/node.def @@ -1,11 +1,26 @@ multi: + type: txt + help: Set an IP address for this interface -syntax:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr $VAR(@) --dev $VAR(../../@).$VAR(../@) "\ + +# Syntax check at "set" time. Give curent address value to script +# so that it can perform syntax check. +# +syntax:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr-set $VAR(@) --dev $VAR(../../@).$VAR(../@) "\ ; "Invalid IP address/prefix [$VAR(@)] for interface $VAR(../../@).$VAR(../@)" + +# Syntax check at "commit" time. Pass all address values to script so that +# it can perform consistency check. +# +commit:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr-commit $VAR(@@) --dev $VAR(../../@).$VAR(../@)" + create:sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-update $VAR(@) --dev $VAR(../../@).$VAR(../@) + delete:sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-delete $VAR(@) --dev $VAR(../../@).$VAR(../@) + allowed: echo "dhcp <>" + comp_help:Possible completions: Set the IP address and prefix length Set the IPv6 address and prefix length diff --git a/templates/interfaces/loopback/node.tag/address/node.def b/templates/interfaces/loopback/node.tag/address/node.def index 29e8973..76c2e76 100644 --- a/templates/interfaces/loopback/node.tag/address/node.def +++ b/templates/interfaces/loopback/node.tag/address/node.def @@ -1,7 +1,10 @@ multi: + type: txt + help: Set an IP address for this interface -syntax:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr $VAR(@) --dev $VAR(../@)"; \ + +syntax:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr-set $VAR(@) --dev $VAR(../@)"; \ "Invalid IP address/prefix [$VAR(@)] for interface $VAR(../@)" create:expression: "sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-update $VAR(@) --dev $VAR(../@)"; \ -- cgit v1.2.3 From 8ae9a946fe8ef3898ed21e3f780b6c93153b6713 Mon Sep 17 00:00:00 2001 From: Bob Gilligan Date: Wed, 9 Sep 2009 17:39:26 -0700 Subject: 0.15.17 --- debian/changelog | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/debian/changelog b/debian/changelog index c13f455..2de3626 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,19 @@ +vyatta-cfg (0.15.17) unstable; urgency=low + + [ Michael Larson ] + * fix for ptr magic on 64 bit system. looks like double ptr was + getting the missing the last 4 bytes on 64 bit copy. + * Priority file generator. This program will iterate over the + complete template tree and build the + + [ Bob Gilligan ] + * Bugfix 4700, 4269: Fix set and commit-time checks of ethernet + address values + * Bugfix 4700, 4269: Fix set and commit-time checks for ethernet vif + addresses too + + -- Bob Gilligan Wed, 09 Sep 2009 17:39:26 -0700 + vyatta-cfg (0.15.16) unstable; urgency=low * Allow empty description -- cgit v1.2.3 From 2cdab905bb8b92a00c8e57e638a9ccbc3244df65 Mon Sep 17 00:00:00 2001 From: Michael Larson Date: Thu, 10 Sep 2009 13:42:58 -0700 Subject: add leaf values to path data structures. will show in disgnostic output from commit and via .changes file used for commit active node set. --- src/common/unionfs.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/common/unionfs.c b/src/common/unionfs.c index 5ef6618..6d71402 100644 --- a/src/common/unionfs.c +++ b/src/common/unionfs.c @@ -1039,7 +1039,8 @@ dlist_test_func(GQuark key_id,gpointer data,gpointer user_data) else { new_vn = vn; // strcat(new_vn->_data._path,"/"); - strcat(new_vn->_data._path,"/value"); + strcat(new_vn->_data._path,"/value:"); + strcat(new_vn->_data._path,(char*)g_quark_to_string(key_id)); } new_vn->_data._value = TRUE; strcpy(new_vn->_data._name,(char*)g_quark_to_string(key_id)); -- cgit v1.2.3