configreaders: don't swallow return code by decoding error (whole jail or fail2ban config failed to read due to some error like encoding etc), so dump or test of config would get an error at end (and coverage for #3971)

pull/3927/merge
sebres 2025-03-19 02:19:16 +01:00
parent 8ae6eaf39a
commit d02a613e89
4 changed files with 23 additions and 3 deletions

View File

@ -230,6 +230,7 @@ class ConfigReaderUnshared(SafeConfigParserWithIncludes):
missed = [ cf for cf in config_files if cf not in config_files_read ]
if missed:
logSys.error("Could not read config files: %s", ', '.join(missed))
return False
if config_files_read:
return True
logSys.error("Found no accessible config files for %r under %s",

View File

@ -63,11 +63,13 @@ class Configurator:
return fail2ban_basedir
def readEarly(self):
self.__fail2ban.read()
if not self.__fail2ban.read():
raise LookupError("Read fail2ban configuration failed.")
def readAll(self):
self.readEarly()
self.__jails.read()
if not self.__jails.read():
raise LookupError("Read jails configuration failed.")
def getEarlyOptions(self):
return self.__fail2ban.getEarlyOptions()

View File

@ -37,7 +37,7 @@ class Fail2banReader(ConfigReader):
ConfigReader.__init__(self, **kwargs)
def read(self):
ConfigReader.read(self, "fail2ban")
return ConfigReader.read(self, "fail2ban")
def getEarlyOptions(self):
opts = [

View File

@ -826,6 +826,23 @@ class Fail2banServerTest(Fail2banClientServerBase):
"Errors in jail 'broken-jail'.",
"ERROR: test configuration failed", all=True)
# disable jail in .local (shall be again OK):
self.pruneLog("[test-phase 1]")
_write_file(pjoin(cfg, "jail.local"), "a", "",
"[broken-jail]", "enabled = false")
self.execCmd(SUCCESS, startparams, "--test")
self.assertLogged("OK: configuration test is successful")
# generate decoding error: ('utf-8' codec can't decode byte 0xfd):
self.pruneLog("[test-phase 1a]")
with open(pjoin(cfg, "jail.local"), "ab") as f:
f.write(b"\n# invalid char \xfd")
self.execCmd(FAILED, startparams, "-t")
self.assertLogged("Could not read config files",
"Read jails configuration failed.",
"ERROR: test configuration failed", all=True)
@with_tmpdir
def testKillAfterStart(self, tmp):
try: