diff options
Diffstat (limited to 'interface-definitions')
| -rw-r--r-- | interface-definitions/include/constraint/interface-name.xml.i | 2 | ||||
| -rw-r--r-- | interface-definitions/interfaces_wireguard.xml.in | 12 | ||||
| -rw-r--r-- | interface-definitions/pki.xml.in | 32 | ||||
| -rw-r--r-- | interface-definitions/service_aws_glb.xml.in | 127 |
4 files changed, 39 insertions, 134 deletions
diff --git a/interface-definitions/include/constraint/interface-name.xml.i b/interface-definitions/include/constraint/interface-name.xml.i index 1b14eabf5..3e7c4e667 100644 --- a/interface-definitions/include/constraint/interface-name.xml.i +++ b/interface-definitions/include/constraint/interface-name.xml.i @@ -1,4 +1,4 @@ <!-- include start from constraint/interface-name.xml.i --> -<regex>(bond|br|dum|en|ersp|eth|gnv|ifb|lan|l2tp|l2tpeth|macsec|peth|ppp|pppoe|pptp|sstp|tun|veth|vti|vtun|vxlan|wg|wlan|wwan)[0-9]+(.\d+)?|lo</regex> +<regex>(bond|br|dum|en|ersp|eth|gnv|ifb|ipoe|lan|l2tp|l2tpeth|macsec|peth|ppp|pppoe|pptp|sstp|sstpc|tun|veth|vti|vtun|vxlan|wg|wlan|wwan)[0-9]+(.\d+)?|lo</regex> <validator name="file-path --lookup-path /sys/class/net --directory"/> <!-- include end --> diff --git a/interface-definitions/interfaces_wireguard.xml.in b/interface-definitions/interfaces_wireguard.xml.in index f3fe0f1da..fba1064ef 100644 --- a/interface-definitions/interfaces_wireguard.xml.in +++ b/interface-definitions/interfaces_wireguard.xml.in @@ -44,9 +44,9 @@ <properties> <help>Base64 encoded private key</help> <constraint> - <regex>[0-9a-zA-Z\+/]{43}=</regex> + <validator name="base64"/> </constraint> - <constraintErrorMessage>Key is not valid 44-character (32-bytes) base64</constraintErrorMessage> + <constraintErrorMessage>Key is not base64-encoded</constraintErrorMessage> </properties> </leafNode> <tagNode name="peer"> @@ -64,18 +64,18 @@ <properties> <help>base64 encoded public key</help> <constraint> - <regex>[0-9a-zA-Z\+/]{43}=</regex> + <validator name="base64"/> </constraint> - <constraintErrorMessage>Key is not valid 44-character (32-bytes) base64</constraintErrorMessage> + <constraintErrorMessage>Key is not base64-encoded</constraintErrorMessage> </properties> </leafNode> <leafNode name="preshared-key"> <properties> <help>base64 encoded preshared key</help> <constraint> - <regex>[0-9a-zA-Z\+/]{43}=</regex> + <validator name="base64"/> </constraint> - <constraintErrorMessage>Key is not valid 44-character (32-bytes) base64</constraintErrorMessage> + <constraintErrorMessage>Key is not base64-encoded</constraintErrorMessage> </properties> </leafNode> <leafNode name="allowed-ips"> diff --git a/interface-definitions/pki.xml.in b/interface-definitions/pki.xml.in index a13a357fd..3449819be 100644 --- a/interface-definitions/pki.xml.in +++ b/interface-definitions/pki.xml.in @@ -14,6 +14,10 @@ <leafNode name="certificate"> <properties> <help>CA certificate in PEM format</help> + <constraint> + <validator name="base64"/> + </constraint> + <constraintErrorMessage>CA certificate is not base64-encoded</constraintErrorMessage> </properties> </leafNode> #include <include/generic-description.xml.i> @@ -25,6 +29,10 @@ <leafNode name="key"> <properties> <help>CA private key in PEM format</help> + <constraint> + <validator name="base64"/> + </constraint> + <constraintErrorMessage>CA private key is not base64-encoded</constraintErrorMessage> </properties> </leafNode> <leafNode name="password-protected"> @@ -38,6 +46,10 @@ <leafNode name="crl"> <properties> <help>Certificate revocation list in PEM format</help> + <constraint> + <validator name="base64"/> + </constraint> + <constraintErrorMessage>CRL is not base64-encoded</constraintErrorMessage> <multi/> </properties> </leafNode> @@ -57,6 +69,10 @@ <leafNode name="certificate"> <properties> <help>Certificate in PEM format</help> + <constraint> + <validator name="base64"/> + </constraint> + <constraintErrorMessage>Certificate is not base64-encoded</constraintErrorMessage> </properties> </leafNode> #include <include/generic-description.xml.i> @@ -68,6 +84,10 @@ <leafNode name="key"> <properties> <help>Certificate private key in PEM format</help> + <constraint> + <validator name="base64"/> + </constraint> + <constraintErrorMessage>Certificate private key is not base64-encoded</constraintErrorMessage> </properties> </leafNode> <leafNode name="password-protected"> @@ -94,6 +114,10 @@ <leafNode name="parameters"> <properties> <help>DH parameters in PEM format</help> + <constraint> + <validator name="base64"/> + </constraint> + <constraintErrorMessage>DH parameters are not base64-encoded</constraintErrorMessage> </properties> </leafNode> </children> @@ -111,6 +135,10 @@ <leafNode name="key"> <properties> <help>Public key in PEM format</help> + <constraint> + <validator name="base64"/> + </constraint> + <constraintErrorMessage>Public key is not base64-encoded</constraintErrorMessage> </properties> </leafNode> </children> @@ -123,6 +151,10 @@ <leafNode name="key"> <properties> <help>Private key in PEM format</help> + <constraint> + <validator name="base64"/> + </constraint> + <constraintErrorMessage>Private key is not base64-encoded</constraintErrorMessage> </properties> </leafNode> <leafNode name="password-protected"> diff --git a/interface-definitions/service_aws_glb.xml.in b/interface-definitions/service_aws_glb.xml.in deleted file mode 100644 index c749fd04e..000000000 --- a/interface-definitions/service_aws_glb.xml.in +++ /dev/null @@ -1,127 +0,0 @@ -<?xml version="1.0"?> -<interfaceDefinition> - <node name="service"> - <children> - <node name="aws"> - <properties> - <help>Amazon Web Service</help> - <priority>1280</priority> - </properties> - <children> - <node name="glb" owner="${vyos_conf_scripts_dir}/service_aws_glb.py"> - <properties> - <help>Gateway load-balancer tunnel handler</help> - </properties> - <children> - <node name="script"> - <properties> - <help>Script executed on create or destroy tunnel</help> - </properties> - <children> - <leafNode name="on-create"> - <properties> - <help>Script to run when interface is created</help> - <constraint> - <validator name="script"/> - </constraint> - </properties> - </leafNode> - <leafNode name="on-destroy"> - <properties> - <help>Script to run when interface is destroyed</help> - <constraint> - <validator name="script"/> - </constraint> - </properties> - </leafNode> - </children> - </node> - <node name="status"> - <properties> - <help>Status</help> - </properties> - <children> - <leafNode name="format"> - <properties> - <help>Statistic format</help> - <completionHelp> - <list>simple full</list> - </completionHelp> - <valueHelp> - <format>simple</format> - <description>Simple format</description> - </valueHelp> - <valueHelp> - <format>full</format> - <description>Full format</description> - </valueHelp> - <constraint> - <regex>(simple|full)</regex> - </constraint> - </properties> - </leafNode> - #include <include/port-number.xml.i> - </children> - </node> - <node name="threads"> - <properties> - <help>Threads settings</help> - </properties> - <children> - <leafNode name="tunnel"> - <properties> - <help>Number of threads for each tunnel processor</help> - <valueHelp> - <format>u32:1-256</format> - <description>Number of threads</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-256"/> - </constraint> - </properties> - </leafNode> - <leafNode name="tunnel-affinity"> - <properties> - <help>List of cores worker threads</help> - <valueHelp> - <format><idN>-<idM></format> - <description>CPU core id range (use '-' as delimiter)</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--allow-range --range 0-255"/> - </constraint> - </properties> - </leafNode> - <leafNode name="udp"> - <properties> - <help>Number of threads for UDP receiver</help> - <valueHelp> - <format>u32:1-256</format> - <description>Number of threads</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-256"/> - </constraint> - </properties> - </leafNode> - <leafNode name="udp-affinity"> - <properties> - <help>List of cores worker threads</help> - <valueHelp> - <format><idN>-<idM></format> - <description>CPU core id range (use '-' as delimiter)</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--allow-range --range 0-255"/> - </constraint> - </properties> - </leafNode> - </children> - </node> - </children> - </node> - </children> - </node> - </children> - </node> -</interfaceDefinition> |