From 62a8ef29d6238d5b777c3e946c132aca16a813c3 Mon Sep 17 00:00:00 2001 From: Jose Phillips Date: Tue, 16 Jan 2024 23:35:14 -0500 Subject: dhcp: T5952: Fix validate duplicate MAC Address on same subnet --- src/conf_mode/service_dhcp-server.py | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/conf_mode/service_dhcp-server.py b/src/conf_mode/service_dhcp-server.py index 2418c8faa..b11fa7c1a 100755 --- a/src/conf_mode/service_dhcp-server.py +++ b/src/conf_mode/service_dhcp-server.py @@ -233,6 +233,7 @@ def verify(dhcp): if 'static_mapping' in subnet_config: # Static mappings require just a MAC address (will use an IP from the dynamic pool if IP is not set) used_ips = [] + used_mac = [] for mapping, mapping_config in subnet_config['static_mapping'].items(): if 'ip_address' in mapping_config: if ip_address(mapping_config['ip_address']) not in ip_network(subnet): @@ -247,7 +248,11 @@ def verify(dhcp): if mapping_config['ip_address'] in used_ips: raise ConfigError(f'Configured IP address for static mapping "{mapping}" exists on another static mapping') + if mapping_config['mac'] in used_mac: + raise ConfigError(f'Configured MAC address for static mapping "{mapping}" exists on another static mapping') + used_ips.append(mapping_config['ip_address']) + used_mac.append(mapping_config['mac']) # There must be one subnet connected to a listen interface. # This only counts if the network itself is not disabled! -- cgit v1.2.3 From ea2104f18b26ce46f0d48eb953a98965b70bfe94 Mon Sep 17 00:00:00 2001 From: Jose Phillips Date: Thu, 18 Jan 2024 00:42:11 -0500 Subject: dhcp: T5952: Fix validate duplicate MAC Address on same subnet --- src/conf_mode/service_dhcp-server.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/conf_mode/service_dhcp-server.py b/src/conf_mode/service_dhcp-server.py index b11fa7c1a..4c0d2cb0c 100755 --- a/src/conf_mode/service_dhcp-server.py +++ b/src/conf_mode/service_dhcp-server.py @@ -247,13 +247,14 @@ def verify(dhcp): if mapping_config['ip_address'] in used_ips: raise ConfigError(f'Configured IP address for static mapping "{mapping}" exists on another static mapping') + used_ips.append(mapping_config['ip_address']) + if 'mac' in mapping_config: if mapping_config['mac'] in used_mac: raise ConfigError(f'Configured MAC address for static mapping "{mapping}" exists on another static mapping') - - used_ips.append(mapping_config['ip_address']) used_mac.append(mapping_config['mac']) + # There must be one subnet connected to a listen interface. # This only counts if the network itself is not disabled! if 'disable' not in network_config: -- cgit v1.2.3 From 18cd9ae2a5fccf68fdca4f0f4b310fc44bc4bb53 Mon Sep 17 00:00:00 2001 From: Christian Breunig Date: Thu, 18 Jan 2024 20:55:46 +0100 Subject: dhcp: T5952: validate duplicate DUID in static-mappings incl. smoketests --- smoketest/scripts/cli/test_service_dhcp-server.py | 24 ++++++++++++++++++++--- src/conf_mode/service_dhcp-server.py | 11 ++++++++--- 2 files changed, 29 insertions(+), 6 deletions(-) diff --git a/smoketest/scripts/cli/test_service_dhcp-server.py b/smoketest/scripts/cli/test_service_dhcp-server.py index 3e6adb149..849a411f1 100755 --- a/smoketest/scripts/cli/test_service_dhcp-server.py +++ b/smoketest/scripts/cli/test_service_dhcp-server.py @@ -1,6 +1,6 @@ #!/usr/bin/env python3 # -# Copyright (C) 2020-2021 VyOS maintainers and contributors +# Copyright (C) 2020-2024 VyOS maintainers and contributors # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License version 2 or later as @@ -383,12 +383,30 @@ class TestServiceDHCPServer(VyOSUnitTestSHIM.TestCase): self.cli_delete(pool + ['static-mapping', 'client1', 'duid']) # cannot have mappings with duplicate IP addresses + self.cli_set(pool + ['static-mapping', 'dupe1', 'mac', '00:50:00:00:fe:ff']) + self.cli_set(pool + ['static-mapping', 'dupe1', 'ip-address', inc_ip(subnet, 10)]) with self.assertRaises(ConfigSessionError): - self.cli_set(pool + ['static-mapping', 'dupe1', 'mac', '00:50:00:00:00:01']) - self.cli_set(pool + ['static-mapping', 'dupe1', 'ip-address', inc_ip(subnet, 10)]) self.cli_commit() self.cli_delete(pool + ['static-mapping', 'dupe1']) + # cannot have mappings with duplicate MAC addresses + self.cli_set(pool + ['static-mapping', 'dupe2', 'mac', '00:50:00:00:00:10']) + self.cli_set(pool + ['static-mapping', 'dupe2', 'ip-address', inc_ip(subnet, 120)]) + with self.assertRaises(ConfigSessionError): + self.cli_commit() + self.cli_delete(pool + ['static-mapping', 'dupe2']) + + + # cannot have mappings with duplicate MAC addresses + self.cli_set(pool + ['static-mapping', 'dupe3', 'duid', '00:01:02:03:04:05:06:07:aa:aa:aa:aa:aa:01']) + self.cli_set(pool + ['static-mapping', 'dupe3', 'ip-address', inc_ip(subnet, 121)]) + self.cli_set(pool + ['static-mapping', 'dupe4', 'duid', '00:01:02:03:04:05:06:07:aa:aa:aa:aa:aa:01']) + self.cli_set(pool + ['static-mapping', 'dupe4', 'ip-address', inc_ip(subnet, 121)]) + with self.assertRaises(ConfigSessionError): + self.cli_commit() + self.cli_delete(pool + ['static-mapping', 'dupe3']) + self.cli_delete(pool + ['static-mapping', 'dupe4']) + # commit changes self.cli_commit() diff --git a/src/conf_mode/service_dhcp-server.py b/src/conf_mode/service_dhcp-server.py index 4c0d2cb0c..9632b91fc 100755 --- a/src/conf_mode/service_dhcp-server.py +++ b/src/conf_mode/service_dhcp-server.py @@ -1,6 +1,6 @@ #!/usr/bin/env python3 # -# Copyright (C) 2018-2023 VyOS maintainers and contributors +# Copyright (C) 2018-2024 VyOS maintainers and contributors # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License version 2 or later as @@ -234,6 +234,7 @@ def verify(dhcp): # Static mappings require just a MAC address (will use an IP from the dynamic pool if IP is not set) used_ips = [] used_mac = [] + used_duid = [] for mapping, mapping_config in subnet_config['static_mapping'].items(): if 'ip_address' in mapping_config: if ip_address(mapping_config['ip_address']) not in ip_network(subnet): @@ -246,14 +247,18 @@ def verify(dhcp): f'static mapping "{mapping}" within shared-network "{network}, {subnet}"!') if mapping_config['ip_address'] in used_ips: - raise ConfigError(f'Configured IP address for static mapping "{mapping}" exists on another static mapping') + raise ConfigError(f'Configured IP address for static mapping "{mapping}" already exists on another static mapping') used_ips.append(mapping_config['ip_address']) if 'mac' in mapping_config: if mapping_config['mac'] in used_mac: - raise ConfigError(f'Configured MAC address for static mapping "{mapping}" exists on another static mapping') + raise ConfigError(f'Configured MAC address for static mapping "{mapping}" already exists on another static mapping') used_mac.append(mapping_config['mac']) + if 'duid' in mapping_config: + if mapping_config['duid'] in used_duid: + raise ConfigError(f'Configured DUID for static mapping "{mapping}" already exists on another static mapping') + used_duid.append(mapping_config['duid']) # There must be one subnet connected to a listen interface. # This only counts if the network itself is not disabled! -- cgit v1.2.3