ddclient: T5708: Ensure password is always wrapped in quotes

Migration to 3.11.1 follow-up: This should make `ddclient.conf` parsing more resilient to edge cases (particularly when `password` isn't the last option right before the host parameter). ddclient config parser applies special treatment to the password field and would unwrap the quotes automatically. Also, switch from now deprecated `use=no` to `use=disabled`.
author: Indrajit Raychaudhuri <irc@indrajit.com> 2023-11-08 14:11:04 -0600
committer: Indrajit Raychaudhuri <irc@indrajit.com> 2023-11-08 16:40:34 -0600
commit: 9efa76910458b6d58882768641ab598b7c0c9699 (patch)
tree: cb0074939bb9d01b74ef3a1b7fdfff4b53ef2e4b
parent: b083e1bbf230d4e407bd9adb508197517d15bfb1 (diff)
download: vyos-1x-9efa76910458b6d58882768641ab598b7c0c9699.tar.gz
vyos-1x-9efa76910458b6d58882768641ab598b7c0c9699.zip
2 files changed, 8 insertions, 8 deletions
diff --git a/data/templates/dns-dynamic/ddclient.conf.j2 b/data/templates/dns-dynamic/ddclient.conf.j2
index 879887a1f..356b8d0d0 100644
--- a/data/templates/dns-dynamic/ddclient.conf.j2
+++ b/data/templates/dns-dynamic/ddclient.conf.j2
@@ -13,9 +13,9 @@ web-skip{{ ipv }}='{{ web_options.skip }}', \
 if{{ ipv }}={{ address }}, \
 {%     endif %}
 {% endfor %}
-{# Other service options #}
+{# Other service options with special treatment for password #}
 {% for k,v in kwargs.items() if v is vyos_defined %}
-{{ k | replace('_', '-') }}={{ v }}{{ ',' if not loop.last }} \
+{{ k | replace('_', '-') }}={{ "'%s'" % (v) if k == 'password' else v }}{{ ',' if not loop.last }} \
 {% endfor %}
 {# Actual hostname for the service #}
 {{ host }}
@@ -29,7 +29,7 @@ cache={{ config_file | replace('.conf', '.cache') }}
 {# ddclient default (web=dyndns) doesn't support ssl and results in process lockup #}
 web=googledomains
 {# ddclient default (use=ip) results in confusing warning message in log #}
-use=no
+use=disabled
 
 {% if address is vyos_defined %}
 {%     for address, service_cfg in address.items() %}
diff --git a/smoketest/scripts/cli/test_service_dns_dynamic.py b/smoketest/scripts/cli/test_service_dns_dynamic.py
index 9624f823f..69ea5c1b3 100755
--- a/smoketest/scripts/cli/test_service_dns_dynamic.py
+++ b/smoketest/scripts/cli/test_service_dns_dynamic.py
@@ -100,7 +100,7 @@ class TestServiceDDNS(VyOSUnitTestSHIM.TestCase):
             self.assertIn(f'daemon=300', ddclient_conf)
             self.assertIn(f'usev4=ifv4', ddclient_conf)
             self.assertIn(f'ifv4={interface}', ddclient_conf)
-            self.assertIn(f'password={password}', ddclient_conf)
+            self.assertIn(f'password=\'{password}\'', ddclient_conf)
 
             for opt in details.keys():
                 if opt == 'username':
@@ -146,7 +146,7 @@ class TestServiceDDNS(VyOSUnitTestSHIM.TestCase):
         self.assertIn(f'protocol={proto}', ddclient_conf)
         self.assertIn(f'server={server}', ddclient_conf)
         self.assertIn(f'login={username}', ddclient_conf)
-        self.assertIn(f'password={password}', ddclient_conf)
+        self.assertIn(f'password=\'{password}\'', ddclient_conf)
         self.assertIn(f'min-interval={wait_time}', ddclient_conf)
         self.assertIn(f'max-interval={expiry_time_good}', ddclient_conf)
 
@@ -185,7 +185,7 @@ class TestServiceDDNS(VyOSUnitTestSHIM.TestCase):
                 self.assertIn(f'usev6=ifv6', ddclient_conf)
                 self.assertIn(f'ifv4={interface}', ddclient_conf)
                 self.assertIn(f'ifv6={interface}', ddclient_conf)
-            self.assertIn(f'password={password}', ddclient_conf)
+            self.assertIn(f'password=\'{password}\'', ddclient_conf)
 
             for opt in details.keys():
                 if opt == 'username':
@@ -218,7 +218,7 @@ class TestServiceDDNS(VyOSUnitTestSHIM.TestCase):
             self.assertIn(f'protocol=nsupdate', ddclient_conf)
             self.assertIn(f'server={server}', ddclient_conf)
             self.assertIn(f'zone={zone}', ddclient_conf)
-            self.assertIn(f'password={key_file.name}', ddclient_conf)
+            self.assertIn(f'password=\'{key_file.name}\'', ddclient_conf)
             self.assertIn(f'ttl={ttl}', ddclient_conf)
 
     def test_05_dyndns_hostname(self):
@@ -242,7 +242,7 @@ class TestServiceDDNS(VyOSUnitTestSHIM.TestCase):
             self.assertIn(f'protocol={proto}', ddclient_conf)
             self.assertIn(f'server={server}', ddclient_conf)
             self.assertIn(f'login={username}', ddclient_conf)
-            self.assertIn(f'password={password}', ddclient_conf)
+            self.assertIn(f'password=\'{password}\'', ddclient_conf)
             self.assertIn(f'{name}', ddclient_conf)
 
     def test_06_dyndns_vrf(self):
author	Indrajit Raychaudhuri <irc@indrajit.com>	2023-11-08 14:11:04 -0600
committer	Indrajit Raychaudhuri <irc@indrajit.com>	2023-11-08 16:40:34 -0600
commit	9efa76910458b6d58882768641ab598b7c0c9699 (patch)
tree	cb0074939bb9d01b74ef3a1b7fdfff4b53ef2e4b
parent	b083e1bbf230d4e407bd9adb508197517d15bfb1 (diff)
download	vyos-1x-9efa76910458b6d58882768641ab598b7c0c9699.tar.gz vyos-1x-9efa76910458b6d58882768641ab598b7c0c9699.zip