diff options
author | Christian Poessinger <christian@poessinger.com> | 2019-11-17 21:13:19 +0100 |
---|---|---|
committer | Christian Poessinger <christian@poessinger.com> | 2019-11-17 21:13:19 +0100 |
commit | d3b689ecb951c49dddf0402f36f51a2e0d8216b3 (patch) | |
tree | 1048aec8ff2347696643d92a4bf48170936b4201 | |
parent | 80375d2be96c53f2fa4a827f93105dc32931401f (diff) | |
parent | 4e4f1dbd745952a24d70c3e2d7dc495d675dff34 (diff) | |
download | vyos-1x-d3b689ecb951c49dddf0402f36f51a2e0d8216b3.tar.gz vyos-1x-d3b689ecb951c49dddf0402f36f51a2e0d8216b3.zip |
Merge branch 'current' of github.com:vyos/vyos-1x into equuleus
* 'current' of github.com:vyos/vyos-1x:
dns: T1786: add proper processing of 'system disable-dhcp-nameservers'
openvpn: fix typo in op-mode command on display rx bytes
T1801: escape isolated backslashes before passing to ConfigTree()
wireless: T1627: fix interface names for list_interfaces.py
[service https] T1443: add setting of HTTPS listen port
-rw-r--r-- | data/interface-types.json | 2 | ||||
-rw-r--r-- | interface-definitions/https.xml | 12 | ||||
-rw-r--r-- | python/vyos/config.py | 6 | ||||
-rw-r--r-- | python/vyos/util.py | 6 | ||||
-rwxr-xr-x | src/conf_mode/host_name.py | 6 | ||||
-rwxr-xr-x | src/conf_mode/https.py | 6 | ||||
-rwxr-xr-x | src/op_mode/show_openvpn.py | 2 | ||||
-rwxr-xr-x | src/services/vyos-hostsd | 16 | ||||
-rwxr-xr-x | src/services/vyos-http-api-server | 2 |
9 files changed, 45 insertions, 13 deletions
diff --git a/data/interface-types.json b/data/interface-types.json index f5820f403..f1862b882 100644 --- a/data/interface-types.json +++ b/data/interface-types.json @@ -11,7 +11,7 @@ "l2tpv3": "l2tpeth", "vxlan": "vxlan", "wireguard": "wg", - "wireless": "wireless", + "wireless": "wlan", "wirelessmodem": "wlm", "input": "ifb", "pppoe": "pppoe" diff --git a/interface-definitions/https.xml b/interface-definitions/https.xml index 403d4ecb0..d9874a1f9 100644 --- a/interface-definitions/https.xml +++ b/interface-definitions/https.xml @@ -31,6 +31,18 @@ </constraint> </properties> <children> + <leafNode name='listen-port'> + <properties> + <help>Port to listen for HTTPS requests; default 443</help> + <valueHelp> + <format>1-65535</format> + <description>Numeric IP port</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 1-65535"/> + </constraint> + </properties> + </leafNode> <leafNode name="server-name"> <properties> <help>Server names: exact, wildcard, regex, or '_' (any)</help> diff --git a/python/vyos/config.py b/python/vyos/config.py index 5bd8fb072..e5963c19a 100644 --- a/python/vyos/config.py +++ b/python/vyos/config.py @@ -69,6 +69,7 @@ import json import subprocess import vyos.configtree +import vyos.util class VyOSError(Exception): @@ -111,6 +112,11 @@ class Config(object): else: session_config_text = running_config_text + # The output of showConfig does not escape backslashes, as is expected + # by ConfigTree(). + session_config_text = vyos.util.escape_backslash(session_config_text) + running_config_text = vyos.util.escape_backslash(running_config_text) + self._session_config = vyos.configtree.ConfigTree(session_config_text) self._running_config = vyos.configtree.ConfigTree(running_config_text) diff --git a/python/vyos/util.py b/python/vyos/util.py index 67a602f7a..659a702fd 100644 --- a/python/vyos/util.py +++ b/python/vyos/util.py @@ -199,3 +199,9 @@ def is_admin() -> bool: current_user = getpass.getuser() (_, _, _, admin_group_members) = grp.getgrnam('sudo') return current_user in admin_group_members + +def escape_backslash(string: str) -> str: + """Escape single backslashes in string that are not in escape sequence""" + p = re.compile(r'(?<!\\)[\\](?!b|f|n|r|t|\\[^bfnrt])') + result = p.sub(r'\\\\', string) + return result diff --git a/src/conf_mode/host_name.py b/src/conf_mode/host_name.py index bb1ec9597..47cf232e9 100755 --- a/src/conf_mode/host_name.py +++ b/src/conf_mode/host_name.py @@ -66,7 +66,7 @@ def get_config(): hosts['nameserver'] = conf.return_values("system name-server") if conf.exists("system disable-dhcp-nameservers"): - hosts['no_dhcp_ns'] = conf.exists('system disable-dhcp-nameservers') + hosts['no_dhcp_ns'] = True # system static-host-mapping hosts['static_host_mapping'] = [] @@ -135,6 +135,10 @@ def apply(config): try: client = vyos.hostsd_client.Client() + # Check if disable-dhcp-nameservers is configured, and if yes - delete DNS servers added by DHCP + if config['no_dhcp_ns']: + client.delete_name_servers('dhcp-.+') + client.set_host_name(config['hostname'], config['domain_name'], config['domain_search']) client.delete_name_servers(tag) diff --git a/src/conf_mode/https.py b/src/conf_mode/https.py index d7fcb74de..fbd351e45 100755 --- a/src/conf_mode/https.py +++ b/src/conf_mode/https.py @@ -49,7 +49,7 @@ server { listen 443 ssl; listen [::]:443 ssl; {% else %} - listen {{ server.address }}:443 ssl; + listen {{ server.address }}:{{ server.port }} ssl; {% endif %} {% for name in server.name %} @@ -107,7 +107,11 @@ def get_config(): if conf.exists('listen-address'): for addr in conf.list_nodes('listen-address'): server_block = {'address' : addr} + server_block['port'] = '443' server_block['name'] = ['_'] + if conf.exists('listen-address {0} listen-port'.format(addr)): + port = conf.return_value('listen-address {0} listen-port'.format(addr)) + server_block['port'] = port if conf.exists('listen-address {0} server-name'.format(addr)): names = conf.return_values('listen-address {0} server-name'.format(addr)) server_block['name'] = names[:] diff --git a/src/op_mode/show_openvpn.py b/src/op_mode/show_openvpn.py index 577ed7eb7..06b90296f 100755 --- a/src/op_mode/show_openvpn.py +++ b/src/op_mode/show_openvpn.py @@ -28,7 +28,7 @@ OpenVPN status on {{ intf }} Client CN Remote Host Local Host TX bytes RX bytes Connected Since --------- ----------- ---------- -------- -------- --------------- {%- for c in clients %} -{{ "%-15s"|format(c.name) }} {{ "%-21s"|format(c.remote) }} {{ "%-21s"|format(local) }} {{ "%-9s"|format(c.tx_bytes) }} {{ "%-9s"|format(c.tx_bytes) }} {{ c.online_since }} +{{ "%-15s"|format(c.name) }} {{ "%-21s"|format(c.remote) }} {{ "%-21s"|format(local) }} {{ "%-9s"|format(c.tx_bytes) }} {{ "%-9s"|format(c.rx_bytes) }} {{ c.online_since }} {%- endfor %} {% endif %} """ diff --git a/src/services/vyos-hostsd b/src/services/vyos-hostsd index 5c2ea71c8..5fb7a68ab 100755 --- a/src/services/vyos-hostsd +++ b/src/services/vyos-hostsd @@ -22,6 +22,7 @@ import time import json import signal import traceback +import re import zmq @@ -154,14 +155,10 @@ def add_name_servers(data, entries, tag): def delete_name_servers(data, tag): name_servers = data['name_servers'] - keys_for_deletion = [] - - for ns in name_servers: - if name_servers[ns]['tag'] == tag: - keys_for_deletion.append(ns) - - for k in keys_for_deletion: - del name_servers[k] + regex_filter = re.compile(tag) + for ns in list(name_servers.keys()): + if regex_filter.match(name_servers[ns]['tag']): + del name_servers[ns] def set_host_name(state, data): if data['host_name']: @@ -174,8 +171,9 @@ def set_host_name(state, data): def get_name_servers(state, tag): ns = [] data = state['name_servers'] + regex_filter = re.compile(tag) for n in data: - if data[n]['tag'] == tag: + if regex_filter.match(data[n]['tag']): ns.append(n) return ns diff --git a/src/services/vyos-http-api-server b/src/services/vyos-http-api-server index 1abaed873..9b6d7e979 100755 --- a/src/services/vyos-http-api-server +++ b/src/services/vyos-http-api-server @@ -24,6 +24,7 @@ import traceback import threading import vyos.config +import vyos.util import bottle @@ -212,6 +213,7 @@ def get_value(): config_format = command['configFormat'] res = session.show_config(path=command['path']) + res = vyos.util.escape_backslash(res) if config_format == 'json': config_tree = vyos.configtree.ConfigTree(res) res = json.loads(config_tree.to_json()) |