From 58f86ca0e1beb24ec29eb6f2459f2118f08d9002 Mon Sep 17 00:00:00 2001 From: Giggum <152240782+Giggum@users.noreply.github.com> Date: Tue, 21 May 2024 22:07:00 -0400 Subject: [PATCH] dhcpv6-server: T3493: adds prefix range validation and fixes typos in select ConfigError messages --- src/conf_mode/service_dhcpv6-server.py | 34 ++++++++++++++++++++------ 1 file changed, 27 insertions(+), 7 deletions(-) diff --git a/src/conf_mode/service_dhcpv6-server.py b/src/conf_mode/service_dhcpv6-server.py index 5489a744e9..5840ae7a6e 100755 --- a/src/conf_mode/service_dhcpv6-server.py +++ b/src/conf_mode/service_dhcpv6-server.py @@ -85,21 +85,21 @@ def verify(dhcpv6): # Stop address must be greater or equal to start address if not ip_address(stop) >= ip_address(start): - raise ConfigError(f'address-range stop address "{stop}" must be greater then or equal ' \ + raise ConfigError(f'address-range stop address "{stop}" must be greater than or equal ' \ f'to the range start address "{start}"!') # DHCPv6 range start address must be unique - two ranges can't # start with the same address - makes no sense if start in range6_start: raise ConfigError(f'Conflicting DHCPv6 lease range: '\ - f'Pool start address "{start}" defined multipe times!') + f'Pool start address "{start}" defined multiple times!') range6_start.append(start) # DHCPv6 range stop address must be unique - two ranges can't # end with the same address - makes no sense if stop in range6_stop: raise ConfigError(f'Conflicting DHCPv6 lease range: '\ - f'Pool stop address "{stop}" defined multipe times!') + f'Pool stop address "{stop}" defined multiple times!') range6_stop.append(stop) if 'prefix' in subnet_config: @@ -113,12 +113,32 @@ def verify(dhcpv6): raise ConfigError('prefix-delegation start address not defined!') for prefix, prefix_config in subnet_config['prefix_delegation']['start'].items(): + prefix_start_addr = prefix + + # Prefix start address must be inside network + if not ip_address(prefix_start_addr) in ip_network(subnet): + raise ConfigError(f'Prefix delegation start address '\ + f'"{prefix_start_addr}" is not in '\ + f'subnet "{subnet}"') + if 'stop' not in prefix_config: - raise ConfigError(f'Stop address of delegated IPv6 prefix range "{prefix}" '\ + raise ConfigError(f'Stop address of delegated IPv6 '\ + f'prefix range "{prefix}" '\ f'must be configured') + if 'stop' in prefix_config: + prefix_stop_addr = prefix_config['stop'] + + # Prefix stop address must be inside network + if not (ip_address(prefix_stop_addr) in + ip_network(subnet)): + raise ConfigError(f'Prefix delegation stop '\ + f'address "{prefix_stop_addr}" '\ + f'is not in subnet "{subnet}"') + if 'prefix_length' not in prefix_config: - raise ConfigError('Length of delegated IPv6 prefix must be configured') + raise ConfigError(f'Length of delegated IPv6 prefix '\ + f'must be configured') # Static mappings don't require anything (but check if IP is in subnet if it's set) if 'static_mapping' in subnet_config: @@ -127,10 +147,10 @@ def verify(dhcpv6): # Static address must be in subnet if ip_address(mapping_config['ipv6_address']) not in ip_network(subnet): raise ConfigError(f'static-mapping address for mapping "{mapping}" is not in subnet "{subnet}"!') - +f'prefix range "{prefix}" '\ if 'vendor_option' in subnet_config: if len(dict_search('vendor_option.cisco.tftp_server', subnet_config)) > 2: - raise ConfigError(f'No more then two Cisco tftp-servers should be defined for subnet "{subnet}"!') + raise ConfigError(f'No more than two Cisco tftp-servers should be defined for subnet "{subnet}"!') # Subnets must be unique if subnet in subnets: