From 92a75196e5a0d9568905f1c990a080cc4e1e0ea9 Mon Sep 17 00:00:00 2001 From: Christian Breunig Date: Tue, 21 Nov 2023 20:25:59 +0100 Subject: http: T5762: rename "virtual-host listen-port" -> "virtual-host port" This complements commit f5e43b136 ("http: T5762: api: make API socket backend communication the one and only default") so we have a consistent port CLI node across VyOS components. (cherry picked from commit 0e885f1bf01424130b6876e769cc42612b19351b) --- interface-definitions/https.xml.in | 14 +++----------- python/vyos/defaults.py | 3 --- smoketest/config-tests/basic-api-service | 8 ++++++++ smoketest/configs/basic-api-service | 24 ++++++++++++++++++++++-- smoketest/scripts/cli/test_service_https.py | 5 ++--- src/conf_mode/https.py | 4 ++-- src/migration-scripts/https/4-to-5 | 6 ++++++ 7 files changed, 43 insertions(+), 21 deletions(-) diff --git a/interface-definitions/https.xml.in b/interface-definitions/https.xml.in index 448075b5b..05c552e6b 100644 --- a/interface-definitions/https.xml.in +++ b/interface-definitions/https.xml.in @@ -41,17 +41,9 @@ - - - Port to listen for HTTPS requests; default 443 - - u32:1-65535 - Numeric IP port - - - - - + #include + + 443 diff --git a/python/vyos/defaults.py b/python/vyos/defaults.py index a229533bd..b7f39ecb0 100644 --- a/python/vyos/defaults.py +++ b/python/vyos/defaults.py @@ -51,9 +51,6 @@ https_data = { } api_data = { - 'listen_address' : '127.0.0.1', - 'port' : '8080', - 'socket' : False, 'strict' : False, 'debug' : False, 'api_keys' : [ {'id' : 'testapp', 'key' : 'qwerty'} ] diff --git a/smoketest/config-tests/basic-api-service b/smoketest/config-tests/basic-api-service index d78062402..1d2dc3472 100644 --- a/smoketest/config-tests/basic-api-service +++ b/smoketest/config-tests/basic-api-service @@ -5,6 +5,14 @@ set service ntp server time1.vyos.net set service ntp server time2.vyos.net set service ntp server time3.vyos.net set service https api keys id 1 key 'S3cur3' +set service https virtual-host bar allow-client address '172.16.0.0/12' +set service https virtual-host bar port '5555' +set service https virtual-host foo allow-client address '10.0.0.0/8' +set service https virtual-host foo allow-client address '2001:db8::/32' +set service https virtual-host foo port '7777' +set service https virtual-host baz allow-client address '192.168.0.0/16' +set service https virtual-host baz port '6666' +set service https virtual-host baz server-name 'baz' set system config-management commit-revisions '100' set system host-name 'vyos' set system login user vyos authentication encrypted-password '$6$2Ta6TWHd/U$NmrX0x9kexCimeOcYK1MfhMpITF9ELxHcaBU/znBq.X2ukQOj61fVI2UYP/xBzP4QtiTcdkgs7WOQMHWsRymO/' diff --git a/smoketest/configs/basic-api-service b/smoketest/configs/basic-api-service index 98b2ebcf8..f5b56ac98 100644 --- a/smoketest/configs/basic-api-service +++ b/smoketest/configs/basic-api-service @@ -18,8 +18,28 @@ service { } socket } - } - ssh { + virtual-host bar { + allow-client { + address 172.16.0.0/12 + } + listen-port 5555 + server-name bar + } + virtual-host baz { + allow-client { + address 192.168.0.0/16 + } + listen-port 6666 + server-name baz + } + virtual-host foo { + allow-client { + address 10.0.0.0/8 + address 2001:db8::/32 + } + listen-port 7777 + server-name foo + } } } system { diff --git a/smoketest/scripts/cli/test_service_https.py b/smoketest/scripts/cli/test_service_https.py index 4da85fadf..901a1857e 100755 --- a/smoketest/scripts/cli/test_service_https.py +++ b/smoketest/scripts/cli/test_service_https.py @@ -81,7 +81,7 @@ class TestHTTPSService(VyOSUnitTestSHIM.TestCase): test_path = base_path + ['virtual-host', vhost_id] self.cli_set(test_path + ['listen-address', address]) - self.cli_set(test_path + ['listen-port', port]) + self.cli_set(test_path + ['port', port]) self.cli_set(test_path + ['server-name', name]) self.cli_commit() @@ -102,7 +102,7 @@ class TestHTTPSService(VyOSUnitTestSHIM.TestCase): def test_api_auth(self): vhost_id = 'example' address = '127.0.0.1' - port = '443' + port = '443' # default value name = 'localhost' key = 'MySuperSecretVyOS' @@ -110,7 +110,6 @@ class TestHTTPSService(VyOSUnitTestSHIM.TestCase): test_path = base_path + ['virtual-host', vhost_id] self.cli_set(test_path + ['listen-address', address]) - self.cli_set(test_path + ['listen-port', port]) self.cli_set(test_path + ['server-name', name]) self.cli_commit() diff --git a/src/conf_mode/https.py b/src/conf_mode/https.py index 028a5007a..26c4343a0 100755 --- a/src/conf_mode/https.py +++ b/src/conf_mode/https.py @@ -122,7 +122,7 @@ def verify(https): server_block = deepcopy(default_server_block) data = vhost_dict.get(vhost, {}) server_block['address'] = data.get('listen-address', '*') - server_block['port'] = data.get('listen-port', '443') + server_block['port'] = data.get('port', '443') server_block_list.append(server_block) for entry in server_block_list: @@ -156,7 +156,7 @@ def generate(https): server_block['id'] = vhost data = vhost_dict.get(vhost, {}) server_block['address'] = data.get('listen-address', '*') - server_block['port'] = data.get('listen-port', '443') + server_block['port'] = data.get('port', '443') name = data.get('server-name', ['_']) server_block['name'] = name allow_client = data.get('allow-client', {}) diff --git a/src/migration-scripts/https/4-to-5 b/src/migration-scripts/https/4-to-5 index a503e0cb7..0dfb6ac19 100755 --- a/src/migration-scripts/https/4-to-5 +++ b/src/migration-scripts/https/4-to-5 @@ -48,6 +48,12 @@ if config.exists(base + ['api', 'socket']): if config.exists(base + ['api', 'port']): config.delete(base + ['api', 'port']) +# rename listen-port -> port ver virtual-host +if config.exists(base + ['virtual-host']): + for vhost in config.list_nodes(base + ['virtual-host']): + if config.exists(base + ['virtual-host', vhost, 'listen-port']): + config.rename(base + ['virtual-host', vhost, 'listen-port'], 'port') + try: with open(file_name, 'w') as f: f.write(config.to_string()) -- cgit v1.2.3