ncm-ntpd: Validate interface match option

quattor · Dec 23, 2022 · 8422f6f · 8422f6f
1 parent 6774043
commit 8422f6f
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 1 deletion.
diff --git a/ncm-ntpd/src/main/pan/components/ntpd/schema.pan b/ncm-ntpd/src/main/pan/components/ntpd/schema.pan
@@ -101,7 +101,13 @@ type ntpd_system_options = {
 }
 type ntpd_interface_options = {
  "action" : choice("listen", "ignore", "drop")
- "match" : string
+ "match" : string_trimmed with {
+ match(SELF, '^(all|ipv4|ipv6|wildcard)$')
+ || is_ip(SELF)
+ || is_ipv4_netmask_pair(SELF)
+ || is_ipv6_network_block(SELF)
+ || path_exists(format('/system/network/interfaces/%s', SELF));
+ }
 };
 
 # logging configuration

diff --git a/ncm-ntpd/src/test/resources/interface.pan b/ncm-ntpd/src/test/resources/interface.pan
@@ -2,6 +2,8 @@ object template interface;
 
 include 'only_timeservers_base';
 
+'/system/network/interfaces/eth0' = dict();
+
 prefix "/software/components/ntpd";
 
 'interface' = append(dict('action', 'listen', 'match', 'eth0'));