summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorIndrajit Raychaudhuri <irc@indrajit.com>2023-11-04 16:01:02 -0500
committerIndrajit Raychaudhuri <irc@indrajit.com>2023-11-05 10:52:21 -0600
commitfd5cdaa7a6688eb8ec5c8df26be27253b8ca140f (patch)
treebf280c1cd8ba68831e89f72efb9cd508cfc97d37
parent5c260386d246fd76df70540d003ac808fe33b467 (diff)
downloadvyos-1x-fd5cdaa7a6688eb8ec5c8df26be27253b8ca140f.tar.gz
vyos-1x-fd5cdaa7a6688eb8ec5c8df26be27253b8ca140f.zip
ddclient: T5708: Validate proper use of `web-options`
`web-options` is only applicable when using HTTP(S) web request to obtain the IP address. Apply guard for that.
-rwxr-xr-xsrc/conf_mode/dns_dynamic.py4
-rw-r--r--src/migration-scripts/dns-dynamic/1-to-27
2 files changed, 11 insertions, 0 deletions
diff --git a/src/conf_mode/dns_dynamic.py b/src/conf_mode/dns_dynamic.py
index 874c4b689..d71dc22fd 100755
--- a/src/conf_mode/dns_dynamic.py
+++ b/src/conf_mode/dns_dynamic.py
@@ -82,6 +82,10 @@ def verify(dyndns):
f'based Dynamic DNS service on "{address}"')
# Dynamic DNS service provider - configuration validation
+ if 'web_options' in dyndns['address'][address] and address != 'web':
+ raise ConfigError(f'"web-options" is applicable only when using HTTP(S) web request to obtain the IP address')
+
+ # Dynamic DNS service provider - configuration validation
if 'service' in dyndns['address'][address]:
for service, config in dyndns['address'][address]['service'].items():
error_msg = f'is required for Dynamic DNS service "{service}" on "{address}"'
diff --git a/src/migration-scripts/dns-dynamic/1-to-2 b/src/migration-scripts/dns-dynamic/1-to-2
index b4679769c..8aaedf210 100644
--- a/src/migration-scripts/dns-dynamic/1-to-2
+++ b/src/migration-scripts/dns-dynamic/1-to-2
@@ -17,6 +17,7 @@
# T5708:
# - migrate "service dns dynamic timeout ..."
# to "service dns dynamic interval ..."
+# - remove "service dns dynamic address <interface> web-options ..." when <interface> != "web"
import sys
from vyos.configtree import ConfigTree
@@ -34,6 +35,7 @@ config = ConfigTree(config_file)
base_path = ['service', 'dns', 'dynamic']
timeout_path = base_path + ['timeout']
+address_path = base_path + ['address']
if not config.exists(base_path):
# Nothing to do
@@ -44,6 +46,11 @@ if not config.exists(base_path):
if config.exists(timeout_path):
config.rename(timeout_path, 'interval')
+# Remove "service dns dynamic address <interface> web-options ..." when <interface> != "web"
+for address in config.list_nodes(address_path):
+ if config.exists(address_path + [address, 'web-options']) and address != 'web':
+ config.delete(address_path + [address, 'web-options'])
+
try:
with open(file_name, 'w') as f:
f.write(config.to_string())