From e00edb0072ceb07b92be826984154afeb6c567d3 Mon Sep 17 00:00:00 2001
From: Andrew Gunnerson <chillermillerlong@hotmail.com>
Date: Mon, 14 Feb 2022 17:02:13 -0500
Subject: pki: eapol: T4244: Fix KeyError when CA cert name differs from client
 cert name

This commit fixes a small typo where the client cert name was being used
to index the CA configuration dict.

Signed-off-by: Andrew Gunnerson <chillermillerlong@hotmail.com>
---
 python/vyos/configverify.py          | 2 +-
 src/conf_mode/interfaces-ethernet.py | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/python/vyos/configverify.py b/python/vyos/configverify.py
index 365a28feb..18fb7f9f7 100644
--- a/python/vyos/configverify.py
+++ b/python/vyos/configverify.py
@@ -173,7 +173,7 @@ def verify_eapol(config):
             if ca_cert_name not in config['pki']['ca']:
                 raise ConfigError('Invalid CA certificate specified for EAPoL')
 
-            ca_cert = config['pki']['ca'][cert_name]
+            ca_cert = config['pki']['ca'][ca_cert_name]
 
             if 'certificate' not in ca_cert:
                 raise ConfigError('Invalid CA certificate specified for EAPoL')
diff --git a/src/conf_mode/interfaces-ethernet.py b/src/conf_mode/interfaces-ethernet.py
index e7250fb49..ab8d58f81 100755
--- a/src/conf_mode/interfaces-ethernet.py
+++ b/src/conf_mode/interfaces-ethernet.py
@@ -165,7 +165,7 @@ def generate(ethernet):
         if 'ca_certificate' in ethernet['eapol']:
             ca_cert_file_path = os.path.join(cfg_dir, f'{ifname}_ca.pem')
             ca_cert_name = ethernet['eapol']['ca_certificate']
-            pki_ca_cert = ethernet['pki']['ca'][cert_name]
+            pki_ca_cert = ethernet['pki']['ca'][ca_cert_name]
 
             write_file(ca_cert_file_path,
                        wrap_certificate(pki_ca_cert['certificate']))
-- 
cgit v1.2.3