From a6362cc32135b39b4320221006f48fef78f40c24 Mon Sep 17 00:00:00 2001 From: John Estabrook Date: Thu, 8 Aug 2024 14:24:00 -0500 Subject: configverify: T6642: verify_interface_exists requires config_dict arg The function verify_interface_exists requires a reference to the ambient config_dict rather than creating an instance. As access is required to the 'interfaces' path, provide as attribute of class ConfigDict, so as not to confuse path searches of script-specific config_dict instances. (cherry picked from commit 5f23b7275564cfaa7c178d320868b5f5e86ae606) --- src/conf_mode/firewall.py | 2 +- src/conf_mode/interfaces_ethernet.py | 4 ++-- src/conf_mode/interfaces_wwan.py | 2 +- src/conf_mode/policy_local-route.py | 2 +- src/conf_mode/protocols_igmp-proxy.py | 2 +- src/conf_mode/protocols_isis.py | 2 +- src/conf_mode/protocols_mpls.py | 2 +- src/conf_mode/protocols_ospf.py | 2 +- src/conf_mode/protocols_ospfv3.py | 2 +- src/conf_mode/protocols_pim.py | 2 +- src/conf_mode/protocols_pim6.py | 2 +- src/conf_mode/qos.py | 2 +- src/conf_mode/service_broadcast-relay.py | 2 +- src/conf_mode/service_conntrack-sync.py | 2 +- src/conf_mode/service_dns_dynamic.py | 2 +- src/conf_mode/service_ipoe-server.py | 2 +- src/conf_mode/service_mdns_repeater.py | 2 +- src/conf_mode/service_ndp-proxy.py | 2 +- src/conf_mode/service_ntp.py | 2 +- src/conf_mode/service_pppoe-server.py | 2 +- src/conf_mode/service_salt-minion.py | 2 +- src/conf_mode/system_flow-accounting.py | 2 +- src/conf_mode/system_option.py | 2 +- src/conf_mode/vpn_ipsec.py | 8 ++++---- 24 files changed, 28 insertions(+), 28 deletions(-) (limited to 'src/conf_mode') diff --git a/src/conf_mode/firewall.py b/src/conf_mode/firewall.py index e96e57154..9e95d7794 100755 --- a/src/conf_mode/firewall.py +++ b/src/conf_mode/firewall.py @@ -335,7 +335,7 @@ def verify(firewall): raise ConfigError(f'Flowtable "{flowtable}" requires at least one interface') for ifname in flowtable_conf['interface']: - verify_interface_exists(ifname) + verify_interface_exists(firewall, ifname) if dict_search_args(flowtable_conf, 'offload') == 'hardware': interfaces = flowtable_conf['interface'] diff --git a/src/conf_mode/interfaces_ethernet.py b/src/conf_mode/interfaces_ethernet.py index 54d0669cb..afc48ead8 100755 --- a/src/conf_mode/interfaces_ethernet.py +++ b/src/conf_mode/interfaces_ethernet.py @@ -310,7 +310,7 @@ def verify_bond_member(ethernet): :type ethernet: dict """ ifname = ethernet['ifname'] - verify_interface_exists(ifname) + verify_interface_exists(ethernet, ifname) verify_eapol(ethernet) verify_mirror_redirect(ethernet) ethtool = Ethtool(ifname) @@ -327,7 +327,7 @@ def verify_ethernet(ethernet): :type ethernet: dict """ ifname = ethernet['ifname'] - verify_interface_exists(ifname) + verify_interface_exists(ethernet, ifname) verify_mtu(ethernet) verify_mtu_ipv6(ethernet) verify_dhcpv6(ethernet) diff --git a/src/conf_mode/interfaces_wwan.py b/src/conf_mode/interfaces_wwan.py index 2515dc838..230eb14d6 100755 --- a/src/conf_mode/interfaces_wwan.py +++ b/src/conf_mode/interfaces_wwan.py @@ -95,7 +95,7 @@ def verify(wwan): if not 'apn' in wwan: raise ConfigError(f'No APN configured for "{ifname}"!') - verify_interface_exists(ifname) + verify_interface_exists(wwan, ifname) verify_authentication(wwan) verify_vrf(wwan) verify_mirror_redirect(wwan) diff --git a/src/conf_mode/policy_local-route.py b/src/conf_mode/policy_local-route.py index f458f4e82..331fd972d 100755 --- a/src/conf_mode/policy_local-route.py +++ b/src/conf_mode/policy_local-route.py @@ -223,7 +223,7 @@ def verify(pbr): if 'inbound_interface' in pbr_route['rule'][rule]: interface = pbr_route['rule'][rule]['inbound_interface'] - verify_interface_exists(interface) + verify_interface_exists(pbr, interface) return None diff --git a/src/conf_mode/protocols_igmp-proxy.py b/src/conf_mode/protocols_igmp-proxy.py index afcef0985..9a07adf05 100755 --- a/src/conf_mode/protocols_igmp-proxy.py +++ b/src/conf_mode/protocols_igmp-proxy.py @@ -65,7 +65,7 @@ def verify(igmp_proxy): upstream = 0 for interface, config in igmp_proxy['interface'].items(): - verify_interface_exists(interface) + verify_interface_exists(igmp_proxy, interface) if dict_search('role', config) == 'upstream': upstream += 1 diff --git a/src/conf_mode/protocols_isis.py b/src/conf_mode/protocols_isis.py index 9cadfd081..ba2f3cf0d 100755 --- a/src/conf_mode/protocols_isis.py +++ b/src/conf_mode/protocols_isis.py @@ -102,7 +102,7 @@ def verify(isis): raise ConfigError('Interface used for routing updates is mandatory!') for interface in isis['interface']: - verify_interface_exists(interface) + verify_interface_exists(isis, interface) # Interface MTU must be >= configured lsp-mtu mtu = Interface(interface).get_mtu() area_mtu = isis['lsp_mtu'] diff --git a/src/conf_mode/protocols_mpls.py b/src/conf_mode/protocols_mpls.py index 177a43444..ad164db9f 100755 --- a/src/conf_mode/protocols_mpls.py +++ b/src/conf_mode/protocols_mpls.py @@ -49,7 +49,7 @@ def verify(mpls): if 'interface' in mpls: for interface in mpls['interface']: - verify_interface_exists(interface) + verify_interface_exists(mpls, interface) # Checks to see if LDP is properly configured if 'ldp' in mpls: diff --git a/src/conf_mode/protocols_ospf.py b/src/conf_mode/protocols_ospf.py index 6fffe7e0d..7347c4faa 100755 --- a/src/conf_mode/protocols_ospf.py +++ b/src/conf_mode/protocols_ospf.py @@ -144,7 +144,7 @@ def verify(ospf): if 'interface' in ospf: for interface, interface_config in ospf['interface'].items(): - verify_interface_exists(interface) + verify_interface_exists(ospf, interface) # One can not use dead-interval and hello-multiplier at the same # time. FRR will only activate the last option set via CLI. if {'hello_multiplier', 'dead_interval'} <= set(interface_config): diff --git a/src/conf_mode/protocols_ospfv3.py b/src/conf_mode/protocols_ospfv3.py index 1bb172293..60c2a9b16 100755 --- a/src/conf_mode/protocols_ospfv3.py +++ b/src/conf_mode/protocols_ospfv3.py @@ -127,7 +127,7 @@ def verify(ospfv3): if 'interface' in ospfv3: for interface, interface_config in ospfv3['interface'].items(): - verify_interface_exists(interface) + verify_interface_exists(ospfv3, interface) if 'ifmtu' in interface_config: mtu = Interface(interface).get_mtu() if int(interface_config['ifmtu']) > int(mtu): diff --git a/src/conf_mode/protocols_pim.py b/src/conf_mode/protocols_pim.py index d450d11ca..79294a1f0 100755 --- a/src/conf_mode/protocols_pim.py +++ b/src/conf_mode/protocols_pim.py @@ -97,7 +97,7 @@ def verify(pim): raise ConfigError('PIM require defined interfaces!') for interface, interface_config in pim['interface'].items(): - verify_interface_exists(interface) + verify_interface_exists(pim, interface) # Check join group in reserved net if 'igmp' in interface_config and 'join' in interface_config['igmp']: diff --git a/src/conf_mode/protocols_pim6.py b/src/conf_mode/protocols_pim6.py index 2003a1014..581ffe238 100755 --- a/src/conf_mode/protocols_pim6.py +++ b/src/conf_mode/protocols_pim6.py @@ -63,7 +63,7 @@ def verify(pim6): return for interface, interface_config in pim6.get('interface', {}).items(): - verify_interface_exists(interface) + verify_interface_exists(pim6, interface) if 'mld' in interface_config: mld = interface_config['mld'] for group in mld.get('join', {}).keys(): diff --git a/src/conf_mode/qos.py b/src/conf_mode/qos.py index a97a09ba0..2445b8515 100755 --- a/src/conf_mode/qos.py +++ b/src/conf_mode/qos.py @@ -237,7 +237,7 @@ def apply(qos): return None for interface, interface_config in qos['interface'].items(): - if not verify_interface_exists(interface, state_required=True, warning_only=True): + if not verify_interface_exists(qos, interface, state_required=True, warning_only=True): # When shaper is bound to a dialup (e.g. PPPoE) interface it is # possible that it is yet not availbale when to QoS code runs. # Skip the configuration and inform the user via warning_only=True diff --git a/src/conf_mode/service_broadcast-relay.py b/src/conf_mode/service_broadcast-relay.py index 31c552f5a..d35954718 100755 --- a/src/conf_mode/service_broadcast-relay.py +++ b/src/conf_mode/service_broadcast-relay.py @@ -59,7 +59,7 @@ def verify(relay): raise ConfigError('At least two interfaces are required for UDP broadcast relay "{instance}"') for interface in config.get('interface', []): - verify_interface_exists(interface) + verify_interface_exists(relay, interface) if not is_afi_configured(interface, AF_INET): raise ConfigError(f'Interface "{interface}" has no IPv4 address configured!') diff --git a/src/conf_mode/service_conntrack-sync.py b/src/conf_mode/service_conntrack-sync.py index 4fb2ce27f..3a233a172 100755 --- a/src/conf_mode/service_conntrack-sync.py +++ b/src/conf_mode/service_conntrack-sync.py @@ -67,7 +67,7 @@ def verify(conntrack): has_peer = False for interface, interface_config in conntrack['interface'].items(): - verify_interface_exists(interface) + verify_interface_exists(conntrack, interface) # Interface must not only exist, it must also carry an IP address if len(get_ipv4(interface)) < 1: raise ConfigError(f'Interface {interface} requires an IP address!') diff --git a/src/conf_mode/service_dns_dynamic.py b/src/conf_mode/service_dns_dynamic.py index a551a9891..5f5303856 100755 --- a/src/conf_mode/service_dns_dynamic.py +++ b/src/conf_mode/service_dns_dynamic.py @@ -104,7 +104,7 @@ def verify(dyndns): Warning(f'Interface "{config["address"]["interface"]}" does not exist yet and ' f'cannot be used for Dynamic DNS service "{service}" until it is up!') else: - verify_interface_exists(config['address']['interface']) + verify_interface_exists(dyndns, config['address']['interface']) if 'web' in config['address']: # If 'skip' is specified, 'url' is required as well diff --git a/src/conf_mode/service_ipoe-server.py b/src/conf_mode/service_ipoe-server.py index 28b7fb03c..16c82e591 100755 --- a/src/conf_mode/service_ipoe-server.py +++ b/src/conf_mode/service_ipoe-server.py @@ -66,7 +66,7 @@ def verify(ipoe): raise ConfigError('No IPoE interface configured') for interface, iface_config in ipoe['interface'].items(): - verify_interface_exists(interface, warning_only=True) + verify_interface_exists(ipoe, interface, warning_only=True) if 'client_subnet' in iface_config and 'vlan' in iface_config: raise ConfigError('Option "client-subnet" and "vlan" are mutually exclusive, ' 'use "client-ip-pool" instead!') diff --git a/src/conf_mode/service_mdns_repeater.py b/src/conf_mode/service_mdns_repeater.py index 207da5e03..b0ece031c 100755 --- a/src/conf_mode/service_mdns_repeater.py +++ b/src/conf_mode/service_mdns_repeater.py @@ -65,7 +65,7 @@ def verify(mdns): # For mdns-repeater to work it is essential that the interfaces has # an IPv4 address assigned for interface in mdns['interface']: - verify_interface_exists(interface) + verify_interface_exists(mdns, interface) if mdns['ip_version'] in ['ipv4', 'both'] and AF_INET not in ifaddresses(interface): raise ConfigError('mDNS repeater requires an IPv4 address to be ' diff --git a/src/conf_mode/service_ndp-proxy.py b/src/conf_mode/service_ndp-proxy.py index aa2374f4c..024ad79f2 100755 --- a/src/conf_mode/service_ndp-proxy.py +++ b/src/conf_mode/service_ndp-proxy.py @@ -50,7 +50,7 @@ def verify(ndpp): if 'interface' in ndpp: for interface, interface_config in ndpp['interface'].items(): - verify_interface_exists(interface) + verify_interface_exists(ndpp, interface) if 'rule' in interface_config: for rule, rule_config in interface_config['rule'].items(): diff --git a/src/conf_mode/service_ntp.py b/src/conf_mode/service_ntp.py index f11690ee6..83880fd72 100755 --- a/src/conf_mode/service_ntp.py +++ b/src/conf_mode/service_ntp.py @@ -64,7 +64,7 @@ def verify(ntp): if 'interface' in ntp: # If ntpd should listen on a given interface, ensure it exists interface = ntp['interface'] - verify_interface_exists(interface) + verify_interface_exists(ntp, interface) # If we run in a VRF, our interface must belong to this VRF, too if 'vrf' in ntp: diff --git a/src/conf_mode/service_pppoe-server.py b/src/conf_mode/service_pppoe-server.py index c95f976d3..566a7b149 100755 --- a/src/conf_mode/service_pppoe-server.py +++ b/src/conf_mode/service_pppoe-server.py @@ -122,7 +122,7 @@ def verify(pppoe): # Check is interface exists in the system for interface in pppoe['interface']: - verify_interface_exists(interface, warning_only=True) + verify_interface_exists(pppoe, interface, warning_only=True) return None diff --git a/src/conf_mode/service_salt-minion.py b/src/conf_mode/service_salt-minion.py index a8fce8e01..edf74b0c0 100755 --- a/src/conf_mode/service_salt-minion.py +++ b/src/conf_mode/service_salt-minion.py @@ -70,7 +70,7 @@ def verify(salt): Warning('Do not use sha1 hashing algorithm, upgrade to sha256 or later!') if 'source_interface' in salt: - verify_interface_exists(salt['source_interface']) + verify_interface_exists(salt, salt['source_interface']) return None diff --git a/src/conf_mode/system_flow-accounting.py b/src/conf_mode/system_flow-accounting.py index 2dacd92da..a12ee363d 100755 --- a/src/conf_mode/system_flow-accounting.py +++ b/src/conf_mode/system_flow-accounting.py @@ -183,7 +183,7 @@ def verify(flow_config): # check that all configured interfaces exists in the system for interface in flow_config['interface']: - verify_interface_exists(interface, warning_only=True) + verify_interface_exists(flow_config, interface, warning_only=True) # check sFlow configuration if 'sflow' in flow_config: diff --git a/src/conf_mode/system_option.py b/src/conf_mode/system_option.py index 180686924..9fd7a3195 100755 --- a/src/conf_mode/system_option.py +++ b/src/conf_mode/system_option.py @@ -68,7 +68,7 @@ def verify(options): if 'http_client' in options: config = options['http_client'] if 'source_interface' in config: - verify_interface_exists(config['source_interface']) + verify_interface_exists(options, config['source_interface']) if {'source_address', 'source_interface'} <= set(config): raise ConfigError('Can not define both HTTP source-interface and source-address') diff --git a/src/conf_mode/vpn_ipsec.py b/src/conf_mode/vpn_ipsec.py index cf82b767f..65dd458ec 100755 --- a/src/conf_mode/vpn_ipsec.py +++ b/src/conf_mode/vpn_ipsec.py @@ -180,9 +180,9 @@ def verify(ipsec): for interface in ipsec['interface']: # exclude check interface for dynamic interfaces if tmp.match(interface): - verify_interface_exists(interface, warning_only=True) + verify_interface_exists(ipsec, interface, warning_only=True) else: - verify_interface_exists(interface) + verify_interface_exists(ipsec, interface) if 'l2tp' in ipsec: if 'esp_group' in ipsec['l2tp']: @@ -243,7 +243,7 @@ def verify(ipsec): if 'dhcp_interface' in ra_conf: dhcp_interface = ra_conf['dhcp_interface'] - verify_interface_exists(dhcp_interface) + verify_interface_exists(ipsec, dhcp_interface) dhcp_base = directories['isc_dhclient_dir'] if not os.path.exists(f'{dhcp_base}/dhclient_{dhcp_interface}.conf'): @@ -414,7 +414,7 @@ def verify(ipsec): if 'dhcp_interface' in peer_conf: dhcp_interface = peer_conf['dhcp_interface'] - verify_interface_exists(dhcp_interface) + verify_interface_exists(ipsec, dhcp_interface) dhcp_base = directories['isc_dhclient_dir'] if not os.path.exists(f'{dhcp_base}/dhclient_{dhcp_interface}.conf'): -- cgit v1.2.3