summaryrefslogtreecommitdiff
path: root/python/vyos/configverify.py
diff options
context:
space:
mode:
authorsarthurdev <965089+sarthurdev@users.noreply.github.com>2023-08-31 00:11:59 +0200
committersarthurdev <965089+sarthurdev@users.noreply.github.com>2023-08-31 00:16:03 +0200
commit493d060922f638d81dd5d4a81ffdf19e16943e3e (patch)
tree33b866c4c3e6ded5d040fc6bca21c6670fb6213e /python/vyos/configverify.py
parentd3edda22573fb9c9d1c469f14f5a3eec9ca512a5 (diff)
downloadvyos-1x-493d060922f638d81dd5d4a81ffdf19e16943e3e.tar.gz
vyos-1x-493d060922f638d81dd5d4a81ffdf19e16943e3e.zip
eapol: T4782: Support multiple CA chains
Diffstat (limited to 'python/vyos/configverify.py')
-rw-r--r--python/vyos/configverify.py13
1 files changed, 6 insertions, 7 deletions
diff --git a/python/vyos/configverify.py b/python/vyos/configverify.py
index 5b94bd98b..52f9238b8 100644
--- a/python/vyos/configverify.py
+++ b/python/vyos/configverify.py
@@ -187,15 +187,14 @@ def verify_eapol(config):
if 'ca' not in config['pki']:
raise ConfigError('Invalid CA certificate specified for EAPoL')
- ca_cert_name = config['eapol']['ca_certificate']
+ for ca_cert_name in config['eapol']['ca_certificate']:
+ if ca_cert_name not in config['pki']['ca']:
+ raise ConfigError('Invalid CA certificate specified for EAPoL')
- if ca_cert_name not in config['pki']['ca']:
- raise ConfigError('Invalid CA certificate specified for EAPoL')
-
- ca_cert = config['pki']['ca'][ca_cert_name]
+ ca_cert = config['pki']['ca'][ca_cert_name]
- if 'certificate' not in ca_cert:
- raise ConfigError('Invalid CA certificate specified for EAPoL')
+ if 'certificate' not in ca_cert:
+ raise ConfigError('Invalid CA certificate specified for EAPoL')
def verify_mirror_redirect(config):
"""