github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity

configreaders: don't swallow return code by decoding error (whole jail or fail2ban config failed to read due to some error like encoding etc), so dump or test of config would get an error at end (and coverage for #3971)

pull/3927/merge
sebres 2025-03-19 02:19:16 +01:00
parent 8ae6eaf39a
commit d02a613e89
4 changed files with 23 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
fail2ban/client/configreader.py
View File

@ -230,6 +230,7 @@ class ConfigReaderUnshared(SafeConfigParserWithIncludes):
missed = [ cf for cf in config_files if cf not in config_files_read ] missed = [ cf for cf in config_files if cf not in config_files_read ]
if missed: if missed:
logSys.error("Could not read config files: %s", ', '.join(missed)) logSys.error("Could not read config files: %s", ', '.join(missed))
return False
if config_files_read: if config_files_read:
return True return True
logSys.error("Found no accessible config files for %r under %s", logSys.error("Found no accessible config files for %r under %s",

6
fail2ban/client/configurator.py
View File

@ -63,11 +63,13 @@ class Configurator:
return fail2ban_basedir return fail2ban_basedir
def readEarly(self): def readEarly(self):
self.__fail2ban.read() if not self.__fail2ban.read():
raise LookupError("Read fail2ban configuration failed.")
def readAll(self): def readAll(self):
self.readEarly() self.readEarly()
self.__jails.read() if not self.__jails.read():
raise LookupError("Read jails configuration failed.")
def getEarlyOptions(self): def getEarlyOptions(self):
return self.__fail2ban.getEarlyOptions() return self.__fail2ban.getEarlyOptions()

2
fail2ban/client/fail2banreader.py
View File

@ -37,7 +37,7 @@ class Fail2banReader(ConfigReader):
ConfigReader.__init__(self, **kwargs) ConfigReader.__init__(self, **kwargs)
def read(self): def read(self):
ConfigReader.read(self, "fail2ban") return ConfigReader.read(self, "fail2ban")
def getEarlyOptions(self): def getEarlyOptions(self):
opts = [ opts = [

17
fail2ban/tests/fail2banclienttestcase.py
View File

@ -826,6 +826,23 @@ class Fail2banServerTest(Fail2banClientServerBase):
"Errors in jail 'broken-jail'.", "Errors in jail 'broken-jail'.",
"ERROR: test configuration failed", all=True) "ERROR: test configuration failed", all=True)
# disable jail in .local (shall be again OK):
self.pruneLog("[test-phase 1]")
_write_file(pjoin(cfg, "jail.local"), "a", "",
"[broken-jail]", "enabled = false")
self.execCmd(SUCCESS, startparams, "--test")
self.assertLogged("OK: configuration test is successful")
# generate decoding error: ('utf-8' codec can't decode byte 0xfd):
self.pruneLog("[test-phase 1a]")
with open(pjoin(cfg, "jail.local"), "ab") as f:
f.write(b"\n# invalid char \xfd")
self.execCmd(FAILED, startparams, "-t")
self.assertLogged("Could not read config files",
"Read jails configuration failed.",
"ERROR: test configuration failed", all=True)
@with_tmpdir @with_tmpdir
def testKillAfterStart(self, tmp): def testKillAfterStart(self, tmp):
try: try: