102 lines
4.0 KiB
Diff
102 lines
4.0 KiB
Diff
--- keepalived-2.2.8/keepalived/core/global_parser.c.orig 2024-08-13 18:02:02.156517132 +0200
|
|
+++ keepalived-2.2.8/keepalived/core/global_parser.c 2024-08-13 18:04:32.173727108 +0200
|
|
@@ -1091,12 +1091,27 @@ vrrp_ipsets_handler(const vector_t *strv
|
|
{
|
|
size_t len;
|
|
char set_name[IPSET_MAXNAMELEN];
|
|
+ unsigned sn0, sn1;
|
|
+ const char **set_names[] = {
|
|
+ &global_data->vrrp_ipset_address,
|
|
+ &global_data->vrrp_ipset_address6,
|
|
+ &global_data->vrrp_ipset_address_iface6,
|
|
+ &global_data->vrrp_ipset_igmp,
|
|
+ &global_data->vrrp_ipset_mld,
|
|
+#ifdef _HAVE_VRRP_VMAC_
|
|
+ &global_data->vrrp_ipset_vmac_nd
|
|
+#endif
|
|
+ };
|
|
|
|
FREE_CONST_PTR(global_data->vrrp_ipset_address);
|
|
FREE_CONST_PTR(global_data->vrrp_ipset_address6);
|
|
FREE_CONST_PTR(global_data->vrrp_ipset_address_iface6);
|
|
FREE_CONST_PTR(global_data->vrrp_ipset_igmp);
|
|
FREE_CONST_PTR(global_data->vrrp_ipset_mld);
|
|
+#ifdef _HAVE_VRRP_VMAC_
|
|
+ FREE_CONST_PTR(global_data->vrrp_ipset_vmac_nd);
|
|
+#endif
|
|
+ global_data->using_ipsets = PARAMETER_UNSET;
|
|
|
|
if (vector_size(strvec) < 2) {
|
|
global_data->using_ipsets = false;
|
|
@@ -1105,14 +1120,14 @@ vrrp_ipsets_handler(const vector_t *strv
|
|
|
|
if (strlen(strvec_slot(strvec,1)) >= IPSET_MAXNAMELEN - 1) {
|
|
report_config_error(CONFIG_GENERAL_ERROR, "VRRP Error : ipset address name too long - ignored");
|
|
- return;
|
|
+ goto ipset_error;
|
|
}
|
|
global_data->vrrp_ipset_address = STRDUP(strvec_slot(strvec,1));
|
|
|
|
if (vector_size(strvec) >= 3) {
|
|
if (strlen(strvec_slot(strvec,2)) >= IPSET_MAXNAMELEN - 1) {
|
|
report_config_error(CONFIG_GENERAL_ERROR, "VRRP Error : ipset IPv6 address name too long - ignored");
|
|
- return;
|
|
+ goto ipset_error;
|
|
}
|
|
global_data->vrrp_ipset_address6 = STRDUP(strvec_slot(strvec,2));
|
|
}
|
|
@@ -1126,7 +1141,7 @@ vrrp_ipsets_handler(const vector_t *strv
|
|
if (vector_size(strvec) >= 4) {
|
|
if (strlen(strvec_slot(strvec,3)) >= IPSET_MAXNAMELEN - 1) {
|
|
report_config_error(CONFIG_GENERAL_ERROR, "VRRP Error : ipset IPv6 address_iface name too long - ignored");
|
|
- return;
|
|
+ goto ipset_error;
|
|
}
|
|
global_data->vrrp_ipset_address_iface6 = STRDUP(strvec_slot(strvec,3));
|
|
}
|
|
@@ -1144,7 +1159,7 @@ vrrp_ipsets_handler(const vector_t *strv
|
|
if (vector_size(strvec) >= 5) {
|
|
if (strlen(strvec_slot(strvec,4)) >= IPSET_MAXNAMELEN - 1) {
|
|
report_config_error(CONFIG_GENERAL_ERROR, "VRRP Error : ipset IGMP name too long - ignored");
|
|
- return;
|
|
+ goto ipset_error;
|
|
}
|
|
global_data->vrrp_ipset_igmp = STRDUP(strvec_slot(strvec,4));
|
|
}
|
|
@@ -1158,7 +1173,7 @@ vrrp_ipsets_handler(const vector_t *strv
|
|
if (vector_size(strvec) >= 6) {
|
|
if (strlen(strvec_slot(strvec,5)) >= IPSET_MAXNAMELEN - 1) {
|
|
report_config_error(CONFIG_GENERAL_ERROR, "VRRP Error : ipset MLD name too long - ignored");
|
|
- return;
|
|
+ goto ipset_error;
|
|
}
|
|
global_data->vrrp_ipset_mld = STRDUP(strvec_slot(strvec,5));
|
|
}
|
|
@@ -1169,6 +1184,26 @@ vrrp_ipsets_handler(const vector_t *strv
|
|
strcat(set_name, "_mld");
|
|
global_data->vrrp_ipset_mld = STRDUP(set_name);
|
|
}
|
|
+ /* Ensure all the set names are different */
|
|
+ for (sn0 = 0; sn0 < sizeof(set_names) / sizeof(set_names[0]) - 1; sn0++) {
|
|
+ for (sn1 = sn0 + 1; sn1 < sizeof(set_names) / sizeof(set_names[0]); sn1++) {
|
|
+ if (!strcmp(*set_names[sn0], *set_names[sn1])) {
|
|
+ report_config_error(CONFIG_GENERAL_ERROR, "vrrp_ipsets: set name %s used more than once", *set_names[sn0]);
|
|
+ goto ipset_error;
|
|
+ }
|
|
+ }
|
|
+ }
|
|
+ global_data->using_ipsets = true;
|
|
+ return;
|
|
+ipset_error:
|
|
+ FREE_CONST_PTR(global_data->vrrp_ipset_address);
|
|
+ FREE_CONST_PTR(global_data->vrrp_ipset_address6);
|
|
+ FREE_CONST_PTR(global_data->vrrp_ipset_address_iface6);
|
|
+ FREE_CONST_PTR(global_data->vrrp_ipset_igmp);
|
|
+ FREE_CONST_PTR(global_data->vrrp_ipset_mld);
|
|
+#ifdef _HAVE_VRRP_VMAC_
|
|
+ FREE_CONST_PTR(global_data->vrrp_ipset_vmac_nd);
|
|
+#endif
|
|
}
|
|
#endif
|
|
#elif defined _WITH_NFTABLES_
|