ssh: T2651: extend verify() when both source-address and source-interface is used

We need to ensure that source-address is assigned on source-interface before
applying the configuration, else SSH client will have a hard time talking to
someone.

1 files changed, 9 insertions, 1 deletions

diff --git a/src/conf_mode/system-option.py b/src/conf_mode/system-option.py
index ceac3dc16..e6c7a0ed2 100755
--- a/src/conf_mode/system-option.py
+++ b/src/conf_mode/system-option.py
@@ -27,6 +27,7 @@ from vyos.template import render
 from vyos.util import cmd
 from vyos.util import is_systemd_service_running
 from vyos.validate import is_addr_assigned
+from vyos.validate import is_intf_addr_assigned
 from vyos.xml import defaults
 from vyos import ConfigError
 from vyos import airbag
@@ -69,10 +70,17 @@ def verify(options):
     if 'ssh_client' in options:
         config = options['ssh_client']
         if 'source_address' in config:
+            address = config['source_address']
             if not is_addr_assigned(config['source_address']):
-                raise ConfigError('No interface with give address specified!')
+                raise ConfigError('No interface with address "{address}" configured!')
+
         if 'source_interface' in config:
             verify_source_interface(config)
+            if 'source_address' in config:
+                address = config['source_address']
+                interface = config['source_interface']
+                if not is_intf_addr_assigned(interface, address):
+                    raise ConfigError(f'Address "{address}" not assigned on interface "{interface}"!')
 
     return None