From fd5cdaa7a6688eb8ec5c8df26be27253b8ca140f Mon Sep 17 00:00:00 2001 From: Indrajit Raychaudhuri Date: Sat, 4 Nov 2023 16:01:02 -0500 Subject: ddclient: T5708: Validate proper use of `web-options` `web-options` is only applicable when using HTTP(S) web request to obtain the IP address. Apply guard for that. --- src/conf_mode/dns_dynamic.py | 4 ++++ src/migration-scripts/dns-dynamic/1-to-2 | 7 +++++++ 2 files changed, 11 insertions(+) (limited to 'src') diff --git a/src/conf_mode/dns_dynamic.py b/src/conf_mode/dns_dynamic.py index 874c4b689..d71dc22fd 100755 --- a/src/conf_mode/dns_dynamic.py +++ b/src/conf_mode/dns_dynamic.py @@ -81,6 +81,10 @@ def verify(dyndns): raise ConfigError(f'"{field.replace("_", "-")}" is required for RFC2136 ' f'based Dynamic DNS service on "{address}"') + # Dynamic DNS service provider - configuration validation + if 'web_options' in dyndns['address'][address] and address != 'web': + raise ConfigError(f'"web-options" is applicable only when using HTTP(S) web request to obtain the IP address') + # Dynamic DNS service provider - configuration validation if 'service' in dyndns['address'][address]: for service, config in dyndns['address'][address]['service'].items(): diff --git a/src/migration-scripts/dns-dynamic/1-to-2 b/src/migration-scripts/dns-dynamic/1-to-2 index b4679769c..8aaedf210 100644 --- a/src/migration-scripts/dns-dynamic/1-to-2 +++ b/src/migration-scripts/dns-dynamic/1-to-2 @@ -17,6 +17,7 @@ # T5708: # - migrate "service dns dynamic timeout ..." # to "service dns dynamic interval ..." +# - remove "service dns dynamic address web-options ..." when != "web" import sys from vyos.configtree import ConfigTree @@ -34,6 +35,7 @@ config = ConfigTree(config_file) base_path = ['service', 'dns', 'dynamic'] timeout_path = base_path + ['timeout'] +address_path = base_path + ['address'] if not config.exists(base_path): # Nothing to do @@ -44,6 +46,11 @@ if not config.exists(base_path): if config.exists(timeout_path): config.rename(timeout_path, 'interval') +# Remove "service dns dynamic address web-options ..." when != "web" +for address in config.list_nodes(address_path): + if config.exists(address_path + [address, 'web-options']) and address != 'web': + config.delete(address_path + [address, 'web-options']) + try: with open(file_name, 'w') as f: f.write(config.to_string()) -- cgit v1.2.3