diff options
| author | aapostoliuk <a.apostoliuk@vyos.io> | 2024-04-04 14:12:50 +0300 |
|---|---|---|
| committer | Mergify <37929162+mergify[bot]@users.noreply.github.com> | 2024-04-04 18:36:53 +0000 |
| commit | 726ed9454f81a7b2828d53ad00fe20b7d8b15046 (patch) | |
| tree | e56425b583346b55e8932f0ba29e6079d88f31dc | |
| parent | 9d94afcba122ae6d4620e21b3e1ef1555b7bb2e1 (diff) | |
| download | vyos-1x-726ed9454f81a7b2828d53ad00fe20b7d8b15046.tar.gz vyos-1x-726ed9454f81a7b2828d53ad00fe20b7d8b15046.zip | |
T6197: Fixed usage ipoe interface client-subnet without pools
Allowed using ipoe interface client-subnet without client pools
configuration.
(cherry picked from commit 49d4df5926637ec3dfd33a1dfcaab364adc28c4c)
| -rw-r--r-- | python/vyos/accel_ppp_util.py | 34 |
1 files changed, 29 insertions, 5 deletions
diff --git a/python/vyos/accel_ppp_util.py b/python/vyos/accel_ppp_util.py index 845b2f5f0..ae75e6654 100644 --- a/python/vyos/accel_ppp_util.py +++ b/python/vyos/accel_ppp_util.py @@ -163,13 +163,23 @@ def verify_accel_ppp_authentication(config, local_users=True): if "key" not in radius_config: raise ConfigError(f'Missing RADIUS secret key for server "{server}"') + if dict_search("server_type", config) == 'ipoe' and dict_search( + "authentication.mode", config) == "local": + if not dict_search("authentication.interface", config): + raise ConfigError( + "Authentication mode local requires authentication interface to be configured!" + ) + for interface in dict_search("authentication.interface", config): + user_config = config["authentication"]["interface"][interface] + if "mac" not in user_config: + raise ConfigError( + f'Users MAC addreses are not configured for interface "{interface}"') + if dict_search('authentication.radius.dynamic_author.server', config): if not dict_search('authentication.radius.dynamic_author.key', config): raise ConfigError('DAE/CoA server key required!') - - def verify_accel_ppp_ip_pool(vpn_config): """ Common helper function which must be used by Accel-PPP @@ -192,7 +202,9 @@ def verify_accel_ppp_ip_pool(vpn_config): default_pool = dict_search("default_pool", vpn_config) if default_pool: - if default_pool not in dict_search("client_ip_pool", vpn_config): + if not dict_search('client_ip_pool', + vpn_config) or default_pool not in dict_search( + 'client_ip_pool', vpn_config): raise ConfigError(f'Default pool "{default_pool}" does not exists') if 'client_ipv6_pool' in vpn_config: @@ -204,8 +216,20 @@ def verify_accel_ppp_ip_pool(vpn_config): if dict_search('authentication.mode', vpn_config) in ['local', 'noauth']: if not dict_search('client_ip_pool', vpn_config) and not dict_search( 'client_ipv6_pool', vpn_config): - raise ConfigError( - "Local auth mode requires local client-ip-pool or client-ipv6-pool to be configured!") + if dict_search('server_type', vpn_config) == 'ipoe': + if 'interface' in vpn_config: + for interface, interface_config in vpn_config['interface'].items(): + if dict_search('client_subnet', interface_config): + break + else: + raise ConfigError( + 'Local auth and noauth mode requires local client-ip-pool \ + or client-ipv6-pool or client-subnet to be configured!') + else: + raise ConfigError( + "Local auth mode requires local client-ip-pool \ + or client-ipv6-pool to be configured!") + if dict_search('client_ip_pool', vpn_config) and not dict_search( 'default_pool', vpn_config): Warning("'default-pool' is not defined") |