Page MenuHomeVyOS Platform

Rework the handling of special characters inside node values
Open, Requires assessmentPublic


Handling of special characters is a chronic headache for VyOS developers and users alike. Quotes is the most common issue, but there are others.

The first inconsistency is that you cannot enter a value with quotes from the CLI, but you can load a config with such values. Then things get funny.

The life of any character inside a node value includes these stages:

  1. First it's read and interpreted by the lexer
  2. Then it's passed to config scripts
  3. Then it's inserted into the target application config

The current behaviour as of 1.2 is: after parsing, quotes are backslash-escaped. When it's passed to the config script, the backslash itself is escaped, while the quote is not. As confusing as it sounds:

>>> import vyos.config
>>> c = vyos.config.Config()
>>> c.return_value("system login user dmbaturin full-name")
>>> print(c.return_value("system login user dmbaturin full-name"))

One can regard quotes inside values as pathological, but there are valid reasons to have them:

  1. Inside pre-shared keys (arguing with the other side over their PSK can be a futile exercise)
  2. In script arguments
  3. In raw options passed to the target application (openvpn-option etc.)

After T1801, the libvyosconfig-based implementation behaves like 1.2. However, it's not clear if that's what we really want.

Instead, we may want to redo it to always pass raw strings to config scripts, and adjust the scripts to do their own escaping when required.


Difficulty level
Unknown (require assessment)
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Behavior change
Issue type
Internal change (not visible to end users)