From 6717754910504891a298b5ce3ff56adaf4ac617c Mon Sep 17 00:00:00 2001 From: Daniil Baturin Date: Fri, 10 Aug 2018 18:24:43 +0200 Subject: T666, T616: fix messed up variables in hello source/peer address checking. --- src/conf_mode/vrrp.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/conf_mode/vrrp.py b/src/conf_mode/vrrp.py index 155b71aa8..0f6e531e8 100755 --- a/src/conf_mode/vrrp.py +++ b/src/conf_mode/vrrp.py @@ -255,7 +255,7 @@ def verify(data): raise ConfigError("VRRP group {0} uses IPv4 but its hello-source-address is IPv6".format(group["name"])) if group["peer_address"]: pa = ipaddress.ip_address(group["peer_address"]) - if isinstance(hsa, ipaddress.IPv6Address): + if isinstance(pa, ipaddress.IPv6Address): raise ConfigError("VRRP group {0} uses IPv4 but its peer-address is IPv6".format(group["name"])) if vaddrs6: @@ -265,7 +265,7 @@ def verify(data): raise ConfigError("VRRP group {0} uses IPv6 but its hello-source-address is IPv4".format(group["name"])) if group["peer_address"]: pa = ipaddress.ip_address(group["peer_address"]) - if isinstance(hsa, ipaddress.IPv4Address): + if isinstance(pa, ipaddress.IPv4Address): raise ConfigError("VRRP group {0} uses IPv6 but its peer-address is IPv4".format(group["name"])) # Disallow same VRID on multiple interfaces -- cgit v1.2.3 From 5e58b540451fe7892f824bcc6b691c61ffd6a3d7 Mon Sep 17 00:00:00 2001 From: Daniil Baturin Date: Fri, 10 Aug 2018 21:35:11 +0200 Subject: T666, T616: exit from op mode script if VRRP information is not available. --- src/op_mode/vrrp.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/op_mode/vrrp.py b/src/op_mode/vrrp.py index ba8b56de3..54e1bfb57 100755 --- a/src/op_mode/vrrp.py +++ b/src/op_mode/vrrp.py @@ -34,6 +34,7 @@ def print_summary(): json_data = vyos.keepalived.get_json_data() except: print("VRRP information is not available") + sys.exit(1) groups = [] for group in json_data: @@ -64,6 +65,7 @@ def print_statistics(): print(output) except: print("VRRP statistics are not available") + sys.exit(1) def print_state_data(): try: @@ -73,6 +75,7 @@ def print_state_data(): print(output) except: print("VRRP information is not available") + sys.exit(1) parser = argparse.ArgumentParser() group = parser.add_mutually_exclusive_group() -- cgit v1.2.3 From 12ce8b309d2535ba7277da4561bdd80bb89185be Mon Sep 17 00:00:00 2001 From: Peri Diane Jones Date: Sat, 11 Aug 2018 22:28:13 +0000 Subject: T772 allow stow-away arguments in the script name field https://phabricator.vyos.net/T772 --- src/system/vrrp-script-wrapper.py | 2 +- src/validators/script | 4 +++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/src/system/vrrp-script-wrapper.py b/src/system/vrrp-script-wrapper.py index 5d6aa6c55..ce9142b7d 100755 --- a/src/system/vrrp-script-wrapper.py +++ b/src/system/vrrp-script-wrapper.py @@ -58,7 +58,7 @@ if (old_state is None) or (old_state != args.state): syslog.syslog(syslog.LOG_NOTICE, 'Running transition script {0} for VRRP group {1}'.format(args.script, args.group)) try: - ret = subprocess.call([args.script, args.state, args.interface, args.group]) + ret = subprocess.call("%s %s %s %s" % ( args.script, args.state, args.interface, args.group), shell=True) if ret != 0: syslog.syslog(syslog.LOG_ERR, "Transition script {0} failed, exit status: {1}".format(args.script, ret)) exitcode = ret diff --git a/src/validators/script b/src/validators/script index beeba57ae..689296a73 100755 --- a/src/validators/script +++ b/src/validators/script @@ -20,6 +20,7 @@ import re import os import sys +import shlex import vyos.util @@ -28,7 +29,8 @@ if len(sys.argv) < 2: print("Please specify script file to check") sys.exit(1) -script = sys.argv[1] +#if the "script" is a script+ stowaway arugments, this removes the aguements +script = shlex.split(sys.argv[1])[0] if not os.path.exists(script): print("File {0} does not exist".format(script)) -- cgit v1.2.3