Merge pull request #2839 from josephillips85/current

dhcp: T5952: Fix validate duplicate MAC Address on same subnet

2 files changed, 35 insertions, 6 deletions

diff --git a/smoketest/scripts/cli/test_service_dhcp-server.py b/smoketest/scripts/cli/test_service_dhcp-server.py
index 3e6adb149..849a411f1 100755
--- a/smoketest/scripts/cli/test_service_dhcp-server.py
+++ b/smoketest/scripts/cli/test_service_dhcp-server.py
@@ -1,6 +1,6 @@
 #!/usr/bin/env python3
 #
-# Copyright (C) 2020-2021 VyOS maintainers and contributors
+# Copyright (C) 2020-2024 VyOS maintainers and contributors
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License version 2 or later as
@@ -383,12 +383,30 @@ class TestServiceDHCPServer(VyOSUnitTestSHIM.TestCase):
         self.cli_delete(pool + ['static-mapping', 'client1', 'duid'])
 
         # cannot have mappings with duplicate IP addresses
+        self.cli_set(pool + ['static-mapping', 'dupe1', 'mac', '00:50:00:00:fe:ff'])
+        self.cli_set(pool + ['static-mapping', 'dupe1', 'ip-address', inc_ip(subnet, 10)])
         with self.assertRaises(ConfigSessionError):
-            self.cli_set(pool + ['static-mapping', 'dupe1', 'mac', '00:50:00:00:00:01'])
-            self.cli_set(pool + ['static-mapping', 'dupe1', 'ip-address', inc_ip(subnet, 10)])
             self.cli_commit()
         self.cli_delete(pool + ['static-mapping', 'dupe1'])
 
+        # cannot have mappings with duplicate MAC addresses
+        self.cli_set(pool + ['static-mapping', 'dupe2', 'mac', '00:50:00:00:00:10'])
+        self.cli_set(pool + ['static-mapping', 'dupe2', 'ip-address', inc_ip(subnet, 120)])
+        with self.assertRaises(ConfigSessionError):
+            self.cli_commit()
+        self.cli_delete(pool + ['static-mapping', 'dupe2'])
+
+
+        # cannot have mappings with duplicate MAC addresses
+        self.cli_set(pool + ['static-mapping', 'dupe3', 'duid', '00:01:02:03:04:05:06:07:aa:aa:aa:aa:aa:01'])
+        self.cli_set(pool + ['static-mapping', 'dupe3', 'ip-address', inc_ip(subnet, 121)])
+        self.cli_set(pool + ['static-mapping', 'dupe4', 'duid', '00:01:02:03:04:05:06:07:aa:aa:aa:aa:aa:01'])
+        self.cli_set(pool + ['static-mapping', 'dupe4', 'ip-address', inc_ip(subnet, 121)])
+        with self.assertRaises(ConfigSessionError):
+            self.cli_commit()
+        self.cli_delete(pool + ['static-mapping', 'dupe3'])
+        self.cli_delete(pool + ['static-mapping', 'dupe4'])
+
         # commit changes
         self.cli_commit()
 
diff --git a/src/conf_mode/service_dhcp-server.py b/src/conf_mode/service_dhcp-server.py
index 2418c8faa..9632b91fc 100755
--- a/src/conf_mode/service_dhcp-server.py
+++ b/src/conf_mode/service_dhcp-server.py
@@ -1,6 +1,6 @@
 #!/usr/bin/env python3
 #
-# Copyright (C) 2018-2023 VyOS maintainers and contributors
+# Copyright (C) 2018-2024 VyOS maintainers and contributors
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License version 2 or later as
@@ -233,6 +233,8 @@ def verify(dhcp):
             if 'static_mapping' in subnet_config:
                 # Static mappings require just a MAC address (will use an IP from the dynamic pool if IP is not set)
                 used_ips = []
+                used_mac = []
+                used_duid = []
                 for mapping, mapping_config in subnet_config['static_mapping'].items():
                     if 'ip_address' in mapping_config:
                         if ip_address(mapping_config['ip_address']) not in ip_network(subnet):
@@ -245,10 +247,19 @@ def verify(dhcp):
                                               f'static mapping "{mapping}" within shared-network "{network}, {subnet}"!')
 
                         if mapping_config['ip_address'] in used_ips:
-                            raise ConfigError(f'Configured IP address for static mapping "{mapping}" exists on another static mapping')
-
+                            raise ConfigError(f'Configured IP address for static mapping "{mapping}" already exists on another static mapping')
                         used_ips.append(mapping_config['ip_address'])
 
+                    if 'mac' in mapping_config:
+                        if mapping_config['mac'] in used_mac:
+                            raise ConfigError(f'Configured MAC address for static mapping "{mapping}" already exists on another static mapping')
+                        used_mac.append(mapping_config['mac'])
+
+                    if 'duid' in mapping_config:
+                        if mapping_config['duid'] in used_duid:
+                            raise ConfigError(f'Configured DUID for static mapping "{mapping}" already exists on another static mapping')
+                        used_duid.append(mapping_config['duid'])
+
             # There must be one subnet connected to a listen interface.
             # This only counts if the network itself is not disabled!
             if 'disable' not in network_config: