From d55050dcb8806a982b0394dcde00c1814499d9f3 Mon Sep 17 00:00:00 2001
From: Christian Poessinger <christian@poessinger.com>
Date: Wed, 6 May 2020 21:41:15 +0200
Subject: sstp: T2392: add initial IPv6 support

New commands added:
* set vpn sstp network-settings client-ipv6-pool prefix 2001:db8::/64 mask 112
* set vpn sstp network-settings client-ipv6-pool delegate 2001:db8:100::/48 delegation-prefix 64
---
 interface-definitions/vpn_sstp.xml.in | 1 +
 1 file changed, 1 insertion(+)

(limited to 'interface-definitions')

diff --git a/interface-definitions/vpn_sstp.xml.in b/interface-definitions/vpn_sstp.xml.in
index 7e4471015..4ce231e0f 100644
--- a/interface-definitions/vpn_sstp.xml.in
+++ b/interface-definitions/vpn_sstp.xml.in
@@ -220,6 +220,7 @@
                       <multi/>
                 </properties>
               </leafNode>
+              #include <include/accel-client-ipv6-pool.xml.in>
               #include <include/interface-mtu-68-1500.xml.i>
             </children>
           </node>
-- 
cgit v1.2.3


From ed22334321d3b6f27b5d695a4f984257b909f78b Mon Sep 17 00:00:00 2001
From: Christian Poessinger <christian@poessinger.com>
Date: Wed, 6 May 2020 21:44:07 +0200
Subject: sstp: T2392: add IPv6 DNS support

New command added:
* set vpn sstp network-settings name-server 2001:db8::1111
---
 data/templates/accel-ppp/sstp.config.tmpl |  8 ++++++++
 interface-definitions/vpn_sstp.xml.in     | 14 +-------------
 src/conf_mode/vpn_sstp.py                 | 13 +++++++++----
 3 files changed, 18 insertions(+), 17 deletions(-)

(limited to 'interface-definitions')

diff --git a/data/templates/accel-ppp/sstp.config.tmpl b/data/templates/accel-ppp/sstp.config.tmpl
index e0a48a44e..411fca489 100644
--- a/data/templates/accel-ppp/sstp.config.tmpl
+++ b/data/templates/accel-ppp/sstp.config.tmpl
@@ -54,6 +54,14 @@ dns{{ loop.index }}={{ dns }}
 {% endfor -%}
 {% endif %}
 
+{% if dnsv6 %}
+[ipv6-dns]
+{% for dns in dnsv6 -%}
+{{ dns }}
+{% endfor -%}
+{% endif %}
+
+
 {% if auth_mode == 'local' %}
 [chap-secrets]
 chap-secrets={{ chap_secrets_file }}
diff --git a/interface-definitions/vpn_sstp.xml.in b/interface-definitions/vpn_sstp.xml.in
index 4ce231e0f..f0c93b882 100644
--- a/interface-definitions/vpn_sstp.xml.in
+++ b/interface-definitions/vpn_sstp.xml.in
@@ -207,20 +207,8 @@
                   </leafNode>
                 </children>
               </node>
-              <leafNode name="name-server">
-                <properties>
-                  <help>DNS servers propagated to clients</help>
-                      <valueHelp>
-                        <format>ipv4</format>
-                        <description>IPv4 address</description>
-                      </valueHelp>
-                      <constraint>
-                        <validator name="ipv4-address"/>
-                      </constraint>
-                      <multi/>
-                </properties>
-              </leafNode>
               #include <include/accel-client-ipv6-pool.xml.in>
+              #include <include/accel-name-server.xml.in>
               #include <include/interface-mtu-68-1500.xml.i>
             </children>
           </node>
diff --git a/src/conf_mode/vpn_sstp.py b/src/conf_mode/vpn_sstp.py
index 6d9496012..7c3e3f515 100755
--- a/src/conf_mode/vpn_sstp.py
+++ b/src/conf_mode/vpn_sstp.py
@@ -22,10 +22,10 @@ from copy import deepcopy
 from stat import S_IRUSR, S_IWUSR, S_IRGRP
 
 from vyos.config import Config
-from vyos import ConfigError
-from vyos.util import call, run, get_half_cpus
 from vyos.template import render
-
+from vyos.util import call, run, get_half_cpus
+from vyos.validate import is_ipv4
+from vyos import ConfigError
 
 sstp_conf = '/run/accel-pppd/sstp.conf'
 sstp_chap_secrets = '/run/accel-pppd/sstp.chap-secrets'
@@ -40,6 +40,7 @@ default_config_data = {
     'client_ipv6_delegate_prefix': [],
     'client_gateway': '',
     'dnsv4' : [],
+    'dnsv6' : [],
     'radius_server' : [],
     'radius_acct_tmo' : '3',
     'radius_max_try' : '3',
@@ -251,7 +252,11 @@ def get_config():
     # read in network settings
     conf.set_level(base_path + ['network-settings'])
     if conf.exists(['name-server']):
-        sstp['dnsv4'] = conf.return_values(['name-server'])
+        for name_server in conf.return_values(['name-server']):
+            if is_ipv4(name_server):
+                sstp['dnsv4'].append(name_server)
+            else:
+                sstp['dnsv6'].append(name_server)
 
     if conf.exists(['mtu']):
         sstp['mtu'] = conf.return_value(['mtu'])
-- 
cgit v1.2.3