From 1bfe09f90b9eca58f00cfae880e13e88c6dae894 Mon Sep 17 00:00:00 2001
From: Christian Poessinger <christian@poessinger.com>
Date: Sat, 26 Mar 2022 09:24:36 +0100
Subject: vyos.validate: T4321: make is_intf_addr_assigned() VRF aware

---
 python/vyos/validate.py | 23 ++++++++++++++---------
 1 file changed, 14 insertions(+), 9 deletions(-)

diff --git a/python/vyos/validate.py b/python/vyos/validate.py
index 0dad2a6cb..6dfa1139f 100644
--- a/python/vyos/validate.py
+++ b/python/vyos/validate.py
@@ -43,19 +43,15 @@ def _are_same_ip(one, two):
     s_two = AF_INET if is_ipv4(two) else AF_INET6
     return inet_pton(f_one, one) == inet_pton(f_one, two)
 
-def is_intf_addr_assigned(intf, addr):
-    if '/' in addr:
-        ip,mask = addr.split('/')
-        return _is_intf_addr_assigned(intf, ip, mask)
-    return _is_intf_addr_assigned(intf, addr)
-
-def _is_intf_addr_assigned(intf, address, netmask=None):
+def is_intf_addr_assigned(intf, address, vrf=None) -> bool:
     """
     Verify if the given IPv4/IPv6 address is assigned to specific interface.
     It can check both a single IP address (e.g. 192.0.2.1 or a assigned CIDR
     address 192.0.2.1/24.
     """
     from vyos.template import is_ipv4
+    from vyos.util import get_interface_config
+
     from netifaces import ifaddresses
     from netifaces import AF_INET
     from netifaces import AF_INET6
@@ -72,10 +68,19 @@ def _is_intf_addr_assigned(intf, address, netmask=None):
         print(e)
         return False
 
+    # Check if interface belongs to requested VRF. If interfaces does not
+    # belong to requested VRF - bail out early
+    tmp = get_interface_config(intf)
+    if 'master' in tmp and tmp['master'] != vrf:
+        return False
+
     # determine IP version (AF_INET or AF_INET6) depending on passed address
     addr_type = AF_INET if is_ipv4(address) else AF_INET6
 
     # Check every IP address on this interface for a match
+    netmask = None
+    if '/' in address:
+        address, netmask = address.split('/')
     for ip in ifaces.get(addr_type,[]):
         # ip can have the interface name in the 'addr' field, we need to remove it
         # {'addr': 'fe80::a00:27ff:fec5:f821%eth2', 'netmask': 'ffff:ffff:ffff:ffff::'}
@@ -99,13 +104,13 @@ def _is_intf_addr_assigned(intf, address, netmask=None):
 
     return False
 
-def is_addr_assigned(addr):
+def is_addr_assigned(addr, vrf=None) -> bool:
     """
     Verify if the given IPv4/IPv6 address is assigned to any interface
     """
     from netifaces import interfaces
     for intf in interfaces():
-        tmp = is_intf_addr_assigned(intf, addr)
+        tmp = is_intf_addr_assigned(intf, addr, vrf)
         if tmp == True:
             return True
 
-- 
cgit v1.2.3