From: Francis Dupont <fdupont@isc.org>
Date: Tue, 23 Jul 2024 13:57:34 +0000 (+0200)
Subject: [#3477] Making socket name/address exclusive (1)
X-Git-Tag: Kea-2.7.2~101
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=bf4ed59d63cc0b73dc3bd243b109e8bce04ae23f;p=thirdparty%2Fkea.git

[#3477] Making socket name/address exclusive (1)
---

diff --git a/doc/examples/ddns/all-keys.json b/doc/examples/ddns/all-keys.json
index 48da3b1a7b..b9015d8713 100644
--- a/doc/examples/ddns/all-keys.json
+++ b/doc/examples/ddns/all-keys.json
@@ -52,8 +52,7 @@
             "socket-type": "https",
 
             // Address of the HTTPS socket the Kea DHCP-DDNS server should
-            // listen for incoming queries. In fact an alias of
-            // socket-name.
+            // listen for incoming queries.
             "socket-address": "127.0.0.1",
 
             // Port of the HTTPS socket the Kea DHCP-DDNS server
diff --git a/doc/examples/kea4/all-keys.json b/doc/examples/kea4/all-keys.json
index c23b05466e..9ea1234fe8 100644
--- a/doc/examples/kea4/all-keys.json
+++ b/doc/examples/kea4/all-keys.json
@@ -160,8 +160,7 @@
                 "socket-type": "https",
 
                 // Address of the HTTPS socket the Kea DHCPv4 server should
-                // listen for incoming queries. In fact an alias of
-                // socket-name.
+                // listen for incoming queries.
                 "socket-address": "127.0.0.1",
 
                 // Port of the HTTPS socket the Kea DHCPv4 server
diff --git a/doc/examples/kea6/all-keys.json b/doc/examples/kea6/all-keys.json
index 2fb754311c..1a7cadc1c8 100644
--- a/doc/examples/kea6/all-keys.json
+++ b/doc/examples/kea6/all-keys.json
@@ -111,8 +111,7 @@
                 "socket-type": "https",
 
                 // Address of the HTTPS socket the Kea DHCPv6 server should
-                // listen for incoming queries. In fact an alias of
-                // socket-name.
+                // listen for incoming queries.
                 "socket-address": "::1",
 
                 // Port of the HTTPS socket the Kea DHCPv6 server
diff --git a/src/bin/d2/d2_parser.yy b/src/bin/d2/d2_parser.yy
index cf8a114d90..6a22eac112 100644
--- a/src/bin/d2/d2_parser.yy
+++ b/src/bin/d2/d2_parser.yy
@@ -844,6 +844,7 @@ control_socket_type_value:
 
 control_socket_name: SOCKET_NAME {
     ctx.unique("socket-name", ctx.loc2pos(@1));
+    ctx.unique("socket-address", ctx.loc2pos(@1));
     ctx.enter(ctx.NO_KEYWORD);
 } COLON STRING {
     ElementPtr name(new StringElement($4, ctx.loc2pos(@4)));
@@ -853,6 +854,7 @@ control_socket_name: SOCKET_NAME {
 
 control_socket_address: SOCKET_ADDRESS {
     ctx.unique("socket-address", ctx.loc2pos(@1));
+    ctx.unique("socket-name", ctx.loc2pos(@1));
     ctx.enter(ctx.NO_KEYWORD);
 } COLON STRING {
     ElementPtr address(new StringElement($4, ctx.loc2pos(@4)));
diff --git a/src/bin/dhcp4/dhcp4_parser.yy b/src/bin/dhcp4/dhcp4_parser.yy
index d41c568694..aae2808357 100644
--- a/src/bin/dhcp4/dhcp4_parser.yy
+++ b/src/bin/dhcp4/dhcp4_parser.yy
@@ -2591,6 +2591,7 @@ control_socket_type_value:
 
 control_socket_name: SOCKET_NAME {
     ctx.unique("socket-name", ctx.loc2pos(@1));
+    ctx.unique("socket-address", ctx.loc2pos(@1));
     ctx.enter(ctx.NO_KEYWORD);
 } COLON STRING {
     ElementPtr name(new StringElement($4, ctx.loc2pos(@4)));
@@ -2600,6 +2601,7 @@ control_socket_name: SOCKET_NAME {
 
 control_socket_address: SOCKET_ADDRESS {
     ctx.unique("socket-address", ctx.loc2pos(@1));
+    ctx.unique("socket-name", ctx.loc2pos(@1));
     ctx.enter(ctx.NO_KEYWORD);
 } COLON STRING {
     ElementPtr address(new StringElement($4, ctx.loc2pos(@4)));
diff --git a/src/bin/dhcp6/dhcp6_parser.yy b/src/bin/dhcp6/dhcp6_parser.yy
index a4061722d6..a09f50cb72 100644
--- a/src/bin/dhcp6/dhcp6_parser.yy
+++ b/src/bin/dhcp6/dhcp6_parser.yy
@@ -2720,6 +2720,7 @@ control_socket_type_value:
 
 control_socket_name: SOCKET_NAME {
     ctx.unique("socket-name", ctx.loc2pos(@1));
+    ctx.unique("socket-address", ctx.loc2pos(@1));
     ctx.enter(ctx.NO_KEYWORD);
 } COLON STRING {
     ElementPtr name(new StringElement($4, ctx.loc2pos(@4)));
@@ -2729,6 +2730,7 @@ control_socket_name: SOCKET_NAME {
 
 control_socket_address: SOCKET_ADDRESS {
     ctx.unique("socket-address", ctx.loc2pos(@1));
+    ctx.unique("socket-name", ctx.loc2pos(@1));
     ctx.enter(ctx.NO_KEYWORD);
 } COLON STRING {
     ElementPtr address(new StringElement($4, ctx.loc2pos(@4)));
diff --git a/src/lib/config/http_command_config.cc b/src/lib/config/http_command_config.cc
index e9af058664..684c9dedda 100644
--- a/src/lib/config/http_command_config.cc
+++ b/src/lib/config/http_command_config.cc
@@ -51,24 +51,18 @@ HttpCommandConfig::HttpCommandConfig(ConstElementPtr config)
                       << socket_type_ << "' not 'http' or 'https'");
         }
     }
-
+    // Reject UNIX only socket-name.
+    if (config->contains("socket-name")) {
+        isc_throw(DhcpConfigError,
+                  "parameter 'socket-name' is not supported by HTTP "
+                  "control sockets");
+    }
     // Get socket address.
-    ConstElementPtr socket_name = config->get("socket-name");
     ConstElementPtr socket_address = config->get("socket-address");
-    if (socket_name) {
-        // socket-name is an alias of socket-address.
-        if (socket_address) {
-            isc_throw(DhcpConfigError,
-                      "specify both 'socket-name' and 'socket-address' "
-                      "is forbidden");
-        }
-        socket_address = socket_name;
-    }
     if (socket_address) {
         if (socket_address->getType() != Element::string) {
             isc_throw(DhcpConfigError,
-                      "invalid type specified for parameter 'socket-"
-                      << (socket_name ? "name" : "address") << "' ("
+                      "invalid type specified for parameter 'socket-address' ("
                       << socket_address->getPosition() << ")");
         }
         try {
diff --git a/src/lib/config/http_command_mgr.cc b/src/lib/config/http_command_mgr.cc
index 1d860c68e7..d88f0be719 100644
--- a/src/lib/config/http_command_mgr.cc
+++ b/src/lib/config/http_command_mgr.cc
@@ -92,7 +92,7 @@ HttpCommandMgrImpl::configure(HttpCommandConfigPtr config) {
             (config->getCertRequired() != current_config_->getCertRequired())) {
             LOG_WARN(command_logger, HTTP_COMMAND_MGR_IGNORED_TLS_SETUP_CHANGES);
             // Overwrite the authentication setup and the emulation flag
-            //in the response creator config.
+            // in the response creator config.
             current_config_->setAuthConfig(config->getAuthConfig());
             current_config_->setEmulateAgentResponse(config->getEmulateAgentResponse());
         } else {
diff --git a/src/lib/config/tests/http_command_config_unittests.cc b/src/lib/config/tests/http_command_config_unittests.cc
index afb9a755dd..dc8c096111 100644
--- a/src/lib/config/tests/http_command_config_unittests.cc
+++ b/src/lib/config/tests/http_command_config_unittests.cc
@@ -102,16 +102,9 @@ TEST_F(HttpCommandConfigTest, errors) {
             "unsupported 'socket-type' 'unix' not 'http' or 'https'"
         },
         {
-            "both socket-name and socket-address",
-            R"( { "socket-name": "::1", "socket-address": "::1" } )",
-            "specify both 'socket-name' and 'socket-address' "
-            "is forbidden"
-        },
-        {
-            "bad socket-name type",
-            R"( { "socket-name": 8000 } )",
-            "invalid type specified for parameter 'socket-name' "
-            "(<string>:1:19)"
+            "unsupported socket-name",
+            R"( { "socket-name": "::1" } )",
+            "parameter 'socket-name' is not supported by HTTP control sockets"
         },
         {
             "bad socket-address type",