diff options
-rw-r--r-- | data/templates/salt-minion/minion.j2 | 8 | ||||
-rw-r--r-- | interface-definitions/salt-minion.xml.in | 1 | ||||
-rwxr-xr-x | smoketest/scripts/cli/test_service_salt.py | 5 | ||||
-rwxr-xr-x | src/conf_mode/salt-minion.py | 7 |
4 files changed, 19 insertions, 2 deletions
diff --git a/data/templates/salt-minion/minion.j2 b/data/templates/salt-minion/minion.j2 index d9922ebe8..6940c0cde 100644 --- a/data/templates/salt-minion/minion.j2 +++ b/data/templates/salt-minion/minion.j2 @@ -57,5 +57,11 @@ id: {{ id }} # The number of minutes between mine updates. mine_interval: {{ interval }} -verify_master_pubkey_sign: {{ 'True' if master_key is vyos_defined else 'False' }} +{% if source_interface is vyos_defined %} +# The name of the interface to use when establishing the connection to the Master. +source_interface_name = {{ source_interface }} +{% endif %} +# Enables verification of the master-public-signature returned by the master +# in auth-replies. +verify_master_pubkey_sign: {{ 'True' if master_key is vyos_defined else 'False' }} diff --git a/interface-definitions/salt-minion.xml.in b/interface-definitions/salt-minion.xml.in index f8b4c4b89..c3219cff3 100644 --- a/interface-definitions/salt-minion.xml.in +++ b/interface-definitions/salt-minion.xml.in @@ -66,6 +66,7 @@ <help>URL with signature of master for auth reply verification</help> </properties> </leafNode> + #include <include/source-interface.xml.i> </children> </node> </children> diff --git a/smoketest/scripts/cli/test_service_salt.py b/smoketest/scripts/cli/test_service_salt.py index bbeec7f7b..8a8ad093c 100755 --- a/smoketest/scripts/cli/test_service_salt.py +++ b/smoketest/scripts/cli/test_service_salt.py @@ -68,11 +68,13 @@ class TestServiceSALT(VyOSUnitTestSHIM.TestCase): hash = 'sha1' id = 'foo' interval = '120' + interface = 'eth0' self.cli_set(base_path + ['master', server]) self.cli_set(base_path + ['hash', hash]) self.cli_set(base_path + ['id', id]) self.cli_set(base_path + ['interval', interval]) + self.cli_set(base_path + ['source_interface', interface]) self.cli_commit() @@ -84,7 +86,8 @@ class TestServiceSALT(VyOSUnitTestSHIM.TestCase): self.assertIn(f'hash_type: {hash}', conf) self.assertIn(f'id: {id}', conf) self.assertIn(f'mine_interval: {interval}', conf) - self.assertIn(f'id: {id}', conf) + self.assertIn(f'id: {interface}', conf) + self.assertIn(f'source_interface_name: {id}', conf) if __name__ == '__main__': unittest.main(verbosity=2) diff --git a/src/conf_mode/salt-minion.py b/src/conf_mode/salt-minion.py index 89df3b48a..d296bc202 100755 --- a/src/conf_mode/salt-minion.py +++ b/src/conf_mode/salt-minion.py @@ -25,6 +25,7 @@ from vyos.configdict import dict_merge from vyos.template import render from vyos.util import call from vyos.util import chown +from vyos.verify import verify_interface_exists from vyos.xml import defaults from vyos import ConfigError @@ -66,6 +67,12 @@ def get_config(config=None): return salt def verify(salt): + if not salt: + return None + + if 'source_interface' in salt: + verify_interface_exists(salt['source_interface']) + return None def generate(salt): |