From a6362cc32135b39b4320221006f48fef78f40c24 Mon Sep 17 00:00:00 2001
From: John Estabrook <jestabro@vyos.io>
Date: Thu, 8 Aug 2024 14:24:00 -0500
Subject: configverify: T6642: verify_interface_exists requires config_dict arg
The function verify_interface_exists requires a reference to the ambient
config_dict rather than creating an instance. As access is required to
the 'interfaces' path, provide as attribute of class ConfigDict, so as
not to confuse path searches of script-specific config_dict instances.
(cherry picked from commit 5f23b7275564cfaa7c178d320868b5f5e86ae606)
---
src/conf_mode/firewall.py | 2 +-
src/conf_mode/interfaces_ethernet.py | 4 ++--
src/conf_mode/interfaces_wwan.py | 2 +-
src/conf_mode/policy_local-route.py | 2 +-
src/conf_mode/protocols_igmp-proxy.py | 2 +-
src/conf_mode/protocols_isis.py | 2 +-
src/conf_mode/protocols_mpls.py | 2 +-
src/conf_mode/protocols_ospf.py | 2 +-
src/conf_mode/protocols_ospfv3.py | 2 +-
src/conf_mode/protocols_pim.py | 2 +-
src/conf_mode/protocols_pim6.py | 2 +-
src/conf_mode/qos.py | 2 +-
src/conf_mode/service_broadcast-relay.py | 2 +-
src/conf_mode/service_conntrack-sync.py | 2 +-
src/conf_mode/service_dns_dynamic.py | 2 +-
src/conf_mode/service_ipoe-server.py | 2 +-
src/conf_mode/service_mdns_repeater.py | 2 +-
src/conf_mode/service_ndp-proxy.py | 2 +-
src/conf_mode/service_ntp.py | 2 +-
src/conf_mode/service_pppoe-server.py | 2 +-
src/conf_mode/service_salt-minion.py | 2 +-
src/conf_mode/system_flow-accounting.py | 2 +-
src/conf_mode/system_option.py | 2 +-
src/conf_mode/vpn_ipsec.py | 8 ++++----
24 files changed, 28 insertions(+), 28 deletions(-)
(limited to 'src/conf_mode')
diff --git a/src/conf_mode/firewall.py b/src/conf_mode/firewall.py
index e96e57154..9e95d7794 100755
--- a/src/conf_mode/firewall.py
+++ b/src/conf_mode/firewall.py
@@ -335,7 +335,7 @@ def verify(firewall):
raise ConfigError(f'Flowtable "{flowtable}" requires at least one interface')
for ifname in flowtable_conf['interface']:
- verify_interface_exists(ifname)
+ verify_interface_exists(firewall, ifname)
if dict_search_args(flowtable_conf, 'offload') == 'hardware':
interfaces = flowtable_conf['interface']
diff --git a/src/conf_mode/interfaces_ethernet.py b/src/conf_mode/interfaces_ethernet.py
index 54d0669cb..afc48ead8 100755
--- a/src/conf_mode/interfaces_ethernet.py
+++ b/src/conf_mode/interfaces_ethernet.py
@@ -310,7 +310,7 @@ def verify_bond_member(ethernet):
:type ethernet: dict
"""
ifname = ethernet['ifname']
- verify_interface_exists(ifname)
+ verify_interface_exists(ethernet, ifname)
verify_eapol(ethernet)
verify_mirror_redirect(ethernet)
ethtool = Ethtool(ifname)
@@ -327,7 +327,7 @@ def verify_ethernet(ethernet):
:type ethernet: dict
"""
ifname = ethernet['ifname']
- verify_interface_exists(ifname)
+ verify_interface_exists(ethernet, ifname)
verify_mtu(ethernet)
verify_mtu_ipv6(ethernet)
verify_dhcpv6(ethernet)
diff --git a/src/conf_mode/interfaces_wwan.py b/src/conf_mode/interfaces_wwan.py
index 2515dc838..230eb14d6 100755
--- a/src/conf_mode/interfaces_wwan.py
+++ b/src/conf_mode/interfaces_wwan.py
@@ -95,7 +95,7 @@ def verify(wwan):
if not 'apn' in wwan:
raise ConfigError(f'No APN configured for "{ifname}"!')
- verify_interface_exists(ifname)
+ verify_interface_exists(wwan, ifname)
verify_authentication(wwan)
verify_vrf(wwan)
verify_mirror_redirect(wwan)
diff --git a/src/conf_mode/policy_local-route.py b/src/conf_mode/policy_local-route.py
index f458f4e82..331fd972d 100755
--- a/src/conf_mode/policy_local-route.py
+++ b/src/conf_mode/policy_local-route.py
@@ -223,7 +223,7 @@ def verify(pbr):
if 'inbound_interface' in pbr_route['rule'][rule]:
interface = pbr_route['rule'][rule]['inbound_interface']
- verify_interface_exists(interface)
+ verify_interface_exists(pbr, interface)
return None
diff --git a/src/conf_mode/protocols_igmp-proxy.py b/src/conf_mode/protocols_igmp-proxy.py
index afcef0985..9a07adf05 100755
--- a/src/conf_mode/protocols_igmp-proxy.py
+++ b/src/conf_mode/protocols_igmp-proxy.py
@@ -65,7 +65,7 @@ def verify(igmp_proxy):
upstream = 0
for interface, config in igmp_proxy['interface'].items():
- verify_interface_exists(interface)
+ verify_interface_exists(igmp_proxy, interface)
if dict_search('role', config) == 'upstream':
upstream += 1
diff --git a/src/conf_mode/protocols_isis.py b/src/conf_mode/protocols_isis.py
index 9cadfd081..ba2f3cf0d 100755
--- a/src/conf_mode/protocols_isis.py
+++ b/src/conf_mode/protocols_isis.py
@@ -102,7 +102,7 @@ def verify(isis):
raise ConfigError('Interface used for routing updates is mandatory!')
for interface in isis['interface']:
- verify_interface_exists(interface)
+ verify_interface_exists(isis, interface)
# Interface MTU must be >= configured lsp-mtu
mtu = Interface(interface).get_mtu()
area_mtu = isis['lsp_mtu']
diff --git a/src/conf_mode/protocols_mpls.py b/src/conf_mode/protocols_mpls.py
index 177a43444..ad164db9f 100755
--- a/src/conf_mode/protocols_mpls.py
+++ b/src/conf_mode/protocols_mpls.py
@@ -49,7 +49,7 @@ def verify(mpls):
if 'interface' in mpls:
for interface in mpls['interface']:
- verify_interface_exists(interface)
+ verify_interface_exists(mpls, interface)
# Checks to see if LDP is properly configured
if 'ldp' in mpls:
diff --git a/src/conf_mode/protocols_ospf.py b/src/conf_mode/protocols_ospf.py
index 6fffe7e0d..7347c4faa 100755
--- a/src/conf_mode/protocols_ospf.py
+++ b/src/conf_mode/protocols_ospf.py
@@ -144,7 +144,7 @@ def verify(ospf):
if 'interface' in ospf:
for interface, interface_config in ospf['interface'].items():
- verify_interface_exists(interface)
+ verify_interface_exists(ospf, interface)
# One can not use dead-interval and hello-multiplier at the same
# time. FRR will only activate the last option set via CLI.
if {'hello_multiplier', 'dead_interval'} <= set(interface_config):
diff --git a/src/conf_mode/protocols_ospfv3.py b/src/conf_mode/protocols_ospfv3.py
index 1bb172293..60c2a9b16 100755
--- a/src/conf_mode/protocols_ospfv3.py
+++ b/src/conf_mode/protocols_ospfv3.py
@@ -127,7 +127,7 @@ def verify(ospfv3):
if 'interface' in ospfv3:
for interface, interface_config in ospfv3['interface'].items():
- verify_interface_exists(interface)
+ verify_interface_exists(ospfv3, interface)
if 'ifmtu' in interface_config:
mtu = Interface(interface).get_mtu()
if int(interface_config['ifmtu']) > int(mtu):
diff --git a/src/conf_mode/protocols_pim.py b/src/conf_mode/protocols_pim.py
index d450d11ca..79294a1f0 100755
--- a/src/conf_mode/protocols_pim.py
+++ b/src/conf_mode/protocols_pim.py
@@ -97,7 +97,7 @@ def verify(pim):
raise ConfigError('PIM require defined interfaces!')
for interface, interface_config in pim['interface'].items():
- verify_interface_exists(interface)
+ verify_interface_exists(pim, interface)
# Check join group in reserved net
if 'igmp' in interface_config and 'join' in interface_config['igmp']:
diff --git a/src/conf_mode/protocols_pim6.py b/src/conf_mode/protocols_pim6.py
index 2003a1014..581ffe238 100755
--- a/src/conf_mode/protocols_pim6.py
+++ b/src/conf_mode/protocols_pim6.py
@@ -63,7 +63,7 @@ def verify(pim6):
return
for interface, interface_config in pim6.get('interface', {}).items():
- verify_interface_exists(interface)
+ verify_interface_exists(pim6, interface)
if 'mld' in interface_config:
mld = interface_config['mld']
for group in mld.get('join', {}).keys():
diff --git a/src/conf_mode/qos.py b/src/conf_mode/qos.py
index a97a09ba0..2445b8515 100755
--- a/src/conf_mode/qos.py
+++ b/src/conf_mode/qos.py
@@ -237,7 +237,7 @@ def apply(qos):
return None
for interface, interface_config in qos['interface'].items():
- if not verify_interface_exists(interface, state_required=True, warning_only=True):
+ if not verify_interface_exists(qos, interface, state_required=True, warning_only=True):
# When shaper is bound to a dialup (e.g. PPPoE) interface it is
# possible that it is yet not availbale when to QoS code runs.
# Skip the configuration and inform the user via warning_only=True
diff --git a/src/conf_mode/service_broadcast-relay.py b/src/conf_mode/service_broadcast-relay.py
index 31c552f5a..d35954718 100755
--- a/src/conf_mode/service_broadcast-relay.py
+++ b/src/conf_mode/service_broadcast-relay.py
@@ -59,7 +59,7 @@ def verify(relay):
raise ConfigError('At least two interfaces are required for UDP broadcast relay "{instance}"')
for interface in config.get('interface', []):
- verify_interface_exists(interface)
+ verify_interface_exists(relay, interface)
if not is_afi_configured(interface, AF_INET):
raise ConfigError(f'Interface "{interface}" has no IPv4 address configured!')
diff --git a/src/conf_mode/service_conntrack-sync.py b/src/conf_mode/service_conntrack-sync.py
index 4fb2ce27f..3a233a172 100755
--- a/src/conf_mode/service_conntrack-sync.py
+++ b/src/conf_mode/service_conntrack-sync.py
@@ -67,7 +67,7 @@ def verify(conntrack):
has_peer = False
for interface, interface_config in conntrack['interface'].items():
- verify_interface_exists(interface)
+ verify_interface_exists(conntrack, interface)
# Interface must not only exist, it must also carry an IP address
if len(get_ipv4(interface)) < 1:
raise ConfigError(f'Interface {interface} requires an IP address!')
diff --git a/src/conf_mode/service_dns_dynamic.py b/src/conf_mode/service_dns_dynamic.py
index a551a9891..5f5303856 100755
--- a/src/conf_mode/service_dns_dynamic.py
+++ b/src/conf_mode/service_dns_dynamic.py
@@ -104,7 +104,7 @@ def verify(dyndns):
Warning(f'Interface "{config["address"]["interface"]}" does not exist yet and '
f'cannot be used for Dynamic DNS service "{service}" until it is up!')
else:
- verify_interface_exists(config['address']['interface'])
+ verify_interface_exists(dyndns, config['address']['interface'])
if 'web' in config['address']:
# If 'skip' is specified, 'url' is required as well
diff --git a/src/conf_mode/service_ipoe-server.py b/src/conf_mode/service_ipoe-server.py
index 28b7fb03c..16c82e591 100755
--- a/src/conf_mode/service_ipoe-server.py
+++ b/src/conf_mode/service_ipoe-server.py
@@ -66,7 +66,7 @@ def verify(ipoe):
raise ConfigError('No IPoE interface configured')
for interface, iface_config in ipoe['interface'].items():
- verify_interface_exists(interface, warning_only=True)
+ verify_interface_exists(ipoe, interface, warning_only=True)
if 'client_subnet' in iface_config and 'vlan' in iface_config:
raise ConfigError('Option "client-subnet" and "vlan" are mutually exclusive, '
'use "client-ip-pool" instead!')
diff --git a/src/conf_mode/service_mdns_repeater.py b/src/conf_mode/service_mdns_repeater.py
index 207da5e03..b0ece031c 100755
--- a/src/conf_mode/service_mdns_repeater.py
+++ b/src/conf_mode/service_mdns_repeater.py
@@ -65,7 +65,7 @@ def verify(mdns):
# For mdns-repeater to work it is essential that the interfaces has
# an IPv4 address assigned
for interface in mdns['interface']:
- verify_interface_exists(interface)
+ verify_interface_exists(mdns, interface)
if mdns['ip_version'] in ['ipv4', 'both'] and AF_INET not in ifaddresses(interface):
raise ConfigError('mDNS repeater requires an IPv4 address to be '
diff --git a/src/conf_mode/service_ndp-proxy.py b/src/conf_mode/service_ndp-proxy.py
index aa2374f4c..024ad79f2 100755
--- a/src/conf_mode/service_ndp-proxy.py
+++ b/src/conf_mode/service_ndp-proxy.py
@@ -50,7 +50,7 @@ def verify(ndpp):
if 'interface' in ndpp:
for interface, interface_config in ndpp['interface'].items():
- verify_interface_exists(interface)
+ verify_interface_exists(ndpp, interface)
if 'rule' in interface_config:
for rule, rule_config in interface_config['rule'].items():
diff --git a/src/conf_mode/service_ntp.py b/src/conf_mode/service_ntp.py
index f11690ee6..83880fd72 100755
--- a/src/conf_mode/service_ntp.py
+++ b/src/conf_mode/service_ntp.py
@@ -64,7 +64,7 @@ def verify(ntp):
if 'interface' in ntp:
# If ntpd should listen on a given interface, ensure it exists
interface = ntp['interface']
- verify_interface_exists(interface)
+ verify_interface_exists(ntp, interface)
# If we run in a VRF, our interface must belong to this VRF, too
if 'vrf' in ntp:
diff --git a/src/conf_mode/service_pppoe-server.py b/src/conf_mode/service_pppoe-server.py
index c95f976d3..566a7b149 100755
--- a/src/conf_mode/service_pppoe-server.py
+++ b/src/conf_mode/service_pppoe-server.py
@@ -122,7 +122,7 @@ def verify(pppoe):
# Check is interface exists in the system
for interface in pppoe['interface']:
- verify_interface_exists(interface, warning_only=True)
+ verify_interface_exists(pppoe, interface, warning_only=True)
return None
diff --git a/src/conf_mode/service_salt-minion.py b/src/conf_mode/service_salt-minion.py
index a8fce8e01..edf74b0c0 100755
--- a/src/conf_mode/service_salt-minion.py
+++ b/src/conf_mode/service_salt-minion.py
@@ -70,7 +70,7 @@ def verify(salt):
Warning('Do not use sha1 hashing algorithm, upgrade to sha256 or later!')
if 'source_interface' in salt:
- verify_interface_exists(salt['source_interface'])
+ verify_interface_exists(salt, salt['source_interface'])
return None
diff --git a/src/conf_mode/system_flow-accounting.py b/src/conf_mode/system_flow-accounting.py
index 2dacd92da..a12ee363d 100755
--- a/src/conf_mode/system_flow-accounting.py
+++ b/src/conf_mode/system_flow-accounting.py
@@ -183,7 +183,7 @@ def verify(flow_config):
# check that all configured interfaces exists in the system
for interface in flow_config['interface']:
- verify_interface_exists(interface, warning_only=True)
+ verify_interface_exists(flow_config, interface, warning_only=True)
# check sFlow configuration
if 'sflow' in flow_config:
diff --git a/src/conf_mode/system_option.py b/src/conf_mode/system_option.py
index 180686924..9fd7a3195 100755
--- a/src/conf_mode/system_option.py
+++ b/src/conf_mode/system_option.py
@@ -68,7 +68,7 @@ def verify(options):
if 'http_client' in options:
config = options['http_client']
if 'source_interface' in config:
- verify_interface_exists(config['source_interface'])
+ verify_interface_exists(options, config['source_interface'])
if {'source_address', 'source_interface'} <= set(config):
raise ConfigError('Can not define both HTTP source-interface and source-address')
diff --git a/src/conf_mode/vpn_ipsec.py b/src/conf_mode/vpn_ipsec.py
index cf82b767f..65dd458ec 100755
--- a/src/conf_mode/vpn_ipsec.py
+++ b/src/conf_mode/vpn_ipsec.py
@@ -180,9 +180,9 @@ def verify(ipsec):
for interface in ipsec['interface']:
# exclude check interface for dynamic interfaces
if tmp.match(interface):
- verify_interface_exists(interface, warning_only=True)
+ verify_interface_exists(ipsec, interface, warning_only=True)
else:
- verify_interface_exists(interface)
+ verify_interface_exists(ipsec, interface)
if 'l2tp' in ipsec:
if 'esp_group' in ipsec['l2tp']:
@@ -243,7 +243,7 @@ def verify(ipsec):
if 'dhcp_interface' in ra_conf:
dhcp_interface = ra_conf['dhcp_interface']
- verify_interface_exists(dhcp_interface)
+ verify_interface_exists(ipsec, dhcp_interface)
dhcp_base = directories['isc_dhclient_dir']
if not os.path.exists(f'{dhcp_base}/dhclient_{dhcp_interface}.conf'):
@@ -414,7 +414,7 @@ def verify(ipsec):
if 'dhcp_interface' in peer_conf:
dhcp_interface = peer_conf['dhcp_interface']
- verify_interface_exists(dhcp_interface)
+ verify_interface_exists(ipsec, dhcp_interface)
dhcp_base = directories['isc_dhclient_dir']
if not os.path.exists(f'{dhcp_base}/dhclient_{dhcp_interface}.conf'):
--
cgit v1.2.3