author | Christian Poessinger <christian@poessinger.com> | 2020-09-09 10:00:21 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-09-09 10:00:21 +0200 |
commit | 32eb4b342e962f3f2c3f46671a9415f04b0db40b (patch) | |
tree | ac30396d42616eefa40a31f7091aa23d84feefb5 | |
parent | b6b61bc9ecf1328e67a0c15934f8bf3966a6b66d (diff) | |
parent | e41ae4d952e276d8497d38f5761806c14ea542d2 (diff) | |
Merge pull request #541 from DmitriyEshenko/1x-cur-openconnect
openconnect: T2036: Move CLI commands under vpn openconnect
-rw-r--r-- | data/templates/ocserv/ocserv_config.tmpl | 2 | ||||
-rw-r--r-- | data/templates/ocserv/radius_conf.tmpl | 2 | ||||
-rw-r--r-- | data/templates/ocserv/radius_servers.tmpl | 2 | ||||
-rw-r--r-- | interface-definitions/vpn_openconnect.xml.in (renamed from interface-definitions/vpn_anyconnect.xml.in) | 4 | ||||
-rw-r--r-- | op-mode-definitions/openconnect.xml (renamed from op-mode-definitions/anyconnect.xml) | 8 | ||||
-rwxr-xr-x | smoketest/scripts/cli/test_vpn_openconnect.py (renamed from smoketest/scripts/cli/test_vpn_anyconnect.py) | 6 | ||||
-rwxr-xr-x | src/conf_mode/vpn_openconnect.py (renamed from src/conf_mode/vpn_anyconnect.py) | 14 | ||||
-rwxr-xr-x | src/op_mode/openconnect-control.py (renamed from src/op_mode/anyconnect-control.py) | 10 |
8 files changed, 24 insertions, 24 deletions
diff --git a/data/templates/ocserv/ocserv_config.tmpl b/data/templates/ocserv/ocserv_config.tmpl index 6aaeff693..328af0c0d 100644 --- a/data/templates/ocserv/ocserv_config.tmpl +++ b/data/templates/ocserv/ocserv_config.tmpl @@ -1,4 +1,4 @@ -### generated by vpn_anyconnect.py ### +### generated by vpn_openconnect.py ### tcp-port = {{ listen_ports.tcp }} udp-port = {{ listen_ports.udp }} diff --git a/data/templates/ocserv/radius_conf.tmpl b/data/templates/ocserv/radius_conf.tmpl index 2d19306a0..1712d83ef 100644 --- a/data/templates/ocserv/radius_conf.tmpl +++ b/data/templates/ocserv/radius_conf.tmpl @@ -1,4 +1,4 @@ -### generated by cpn_anyconnect.py ### +### generated by vpn_openconnect.py ### nas-identifier VyOS {% for srv in server %} {% if not "disable" in server[srv] %} diff --git a/data/templates/ocserv/radius_servers.tmpl b/data/templates/ocserv/radius_servers.tmpl index ba21fa074..7bacac992 100644 --- a/data/templates/ocserv/radius_servers.tmpl +++ b/data/templates/ocserv/radius_servers.tmpl @@ -1,4 +1,4 @@ -### generated by cpn_anyconnect.py ### +### generated by vpn_openconnect.py ### # server key {% for srv in server %} {% if not "disable" in server[srv] %} diff --git a/interface-definitions/vpn_anyconnect.xml.in b/interface-definitions/vpn_openconnect.xml.in index e74326986..16fe660a9 100644 --- a/interface-definitions/vpn_anyconnect.xml.in +++ b/interface-definitions/vpn_openconnect.xml.in @@ -2,9 +2,9 @@ <interfaceDefinition> <node name="vpn"> <children> - <node name="anyconnect" owner="${vyos_conf_scripts_dir}/vpn_anyconnect.py"> + <node name="openconnect" owner="${vyos_conf_scripts_dir}/vpn_openconnect.py"> <properties> - <help>SSL VPN AnyConnect</help> + <help>SSL VPN OpenConnect, AnyConnect compatible server</help> <priority>901</priority> </properties> <children> diff --git a/op-mode-definitions/anyconnect.xml b/op-mode-definitions/openconnect.xml index 7e8cdd35b..9b82b114e 100644 --- a/op-mode-definitions/anyconnect.xml 
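Review bot: Renaming the node from `anyconnect` to `openconnect` in the interface-definitions hunk changes the configuration path, and this commit's file list contains no config migration to go with it. A saved configuration that still holds `vpn anyconnect` would presumably match no definition after an upgrade, so the VPN server section could fail to load or be dropped; whether a migration exists elsewhere is not visible on this page. If the old path ever shipped, add a migration that renames `vpn anyconnect` to `vpn openconnect`, or state in the commit message why none is needed. The same path change appears in `base` in `get_config()` and in `exists_effective('vpn openconnect')` in the op-mode script.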
+++ b/op-mode-definitions/openconnect.xml @@ -2,16 +2,16 @@ <interfaceDefinition> <node name="show"> <children> - <node name="anyconnect-server"> + <node name="openconnect-server"> <properties> - <help>show anyconnect-server information</help> + <help>show openconnect-server information</help> </properties> <children> <leafNode name="sessions"> <properties> - <help>Show active anyconnect server sessions</help> + <help>Show active openconnect server sessions</help> </properties> - <command>${vyos_op_scripts_dir}/anyconnect-control.py --action="show_sessions"</command> + <command>${vyos_op_scripts_dir}/openconnect-control.py --action="show_sessions"</command> </leafNode> </children> </node> diff --git a/smoketest/scripts/cli/test_vpn_anyconnect.py b/smoketest/scripts/cli/test_vpn_openconnect.py index dd8ab1609..d2b82d686 100755 --- a/smoketest/scripts/cli/test_vpn_anyconnect.py +++ b/smoketest/scripts/cli/test_vpn_openconnect.py @@ -23,16 +23,16 @@ from vyos.configsession import ConfigSession, ConfigSessionError from vyos.util import read_file OCSERV_CONF = '/run/ocserv/ocserv.conf' -base_path = ['vpn', 'anyconnect'] +base_path = ['vpn', 'openconnect'] cert = '/etc/ssl/certs/ssl-cert-snakeoil.pem' cert_key = '/etc/ssl/private/ssl-cert-snakeoil.key' -class TestVpnAnyconnect(unittest.TestCase): +class TestVpnOpenconnect(unittest.TestCase): def setUp(self): self.session = ConfigSession(os.getpid()) def tearDown(self): - # Delete vpn anyconnect configuration + # Delete vpn openconnect configuration self.session.delete(base_path) self.session.commit() diff --git a/src/conf_mode/vpn_anyconnect.py b/src/conf_mode/vpn_openconnect.py index 158e1a117..af8604972 100755 --- a/src/conf_mode/vpn_anyconnect.py +++ b/src/conf_mode/vpn_openconnect.py @@ -42,7 +42,7 @@ def get_hash(password): def get_config(): conf = Config() - base = ['vpn', 'anyconnect'] + base = ['vpn', 'openconnect'] if not conf.exists(base): return None 
@@ -61,24 +61,24 @@ def verify(ocserv): if "mode" in ocserv["authentication"]: if "local" in ocserv["authentication"]["mode"]: if not ocserv["authentication"]["local_users"] or not ocserv["authentication"]["local_users"]["username"]: - raise ConfigError('Anyconect mode local required at leat one user') + raise ConfigError('openconnect mode local required at leat one user') else: for user in ocserv["authentication"]["local_users"]["username"]: if not "password" in ocserv["authentication"]["local_users"]["username"][user]: raise ConfigError(f'password required for user {user}') else: - raise ConfigError('anyconnect authentication mode required') + raise ConfigError('openconnect authentication mode required') else: - raise ConfigError('anyconnect authentication credentials required') + raise ConfigError('openconnect authentication credentials required') # Check ssl if "ssl" in ocserv: req_cert = ['ca_cert_file', 'cert_file', 'key_file'] for cert in req_cert: if not cert in ocserv["ssl"]: - raise ConfigError('anyconnect ssl {0} required'.format(cert.replace('_', '-'))) + raise ConfigError('openconnect ssl {0} required'.format(cert.replace('_', '-'))) else: - raise ConfigError('anyconnect ssl required') + raise ConfigError('openconnect ssl required') # Check network settings if "network_settings" in ocserv: @@ -90,7 +90,7 @@ def verify(ocserv): else: ocserv["network_settings"]["push_route"] = "default" else: - raise ConfigError('anyconnect network settings required') + raise ConfigError('openconnect network settings required') def generate(ocserv): diff --git a/src/op_mode/anyconnect-control.py b/src/op_mode/openconnect-control.py index 6382016b7..ef9fe618c 100755 --- a/src/op_mode/anyconnect-control.py +++ b/src/op_mode/openconnect-control.py 
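Review bot: The reworded message in the first `raise ConfigError` of this hunk keeps the old typos (`required at leat one user`); since the line is being rewritten anyway, make it `raise ConfigError('openconnect mode local requires at least one user')`. The condition above it indexes `ocserv["authentication"]["local_users"]` directly, so if that key can be absent when only the local mode is set, the operator gets a KeyError traceback instead of this ConfigError; `ocserv["authentication"].get("local_users")` would avoid that. Whether defaults guarantee the key is not visible here, and `verify()` starts above the hunk.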
@@ -28,7 +28,7 @@ occtl_socket = '/run/ocserv/occtl.socket' def show_sessions(): out, code = popen("sudo {0} -j -s {1} show users".format(occtl, occtl_socket),stderr=DEVNULL) if code: - sys.exit('Cannot get anyconnect users information') + sys.exit('Cannot get openconnect users information') else: headers = ["interface", "username", "ip", "remote IP", "RX", "TX", "state", "uptime"] sessions = json.loads(out) @@ -38,11 +38,11 @@ def show_sessions(): if len(ses_list) > 0: print(tabulate(ses_list, headers)) else: - print("No active anyconnect sessions") + print("No active openconnect sessions") def is_ocserv_configured(): - if not Config().exists_effective('vpn anyconnect'): - print("vpn anyconnect server is not configured") + if not Config().exists_effective('vpn openconnect'): + print("vpn openconnect server is not configured") sys.exit(1) def main(): @@ -54,7 +54,7 @@ def main(): args = parser.parse_args() - # Check is IPoE configured + # Check is Openconnect server configured is_ocserv_configured() if args.action == "restart": |
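Review bot: `show_sessions()` passes `out` straight to `json.loads` once `code` is zero, so empty or non-JSON output from occtl ends in an uncaught traceback rather than the clean exit used on the error path. Wrapping the parse, for example `try: sessions = json.loads(out)` followed by `except ValueError: sys.exit('Cannot parse openconnect users information')`, keeps the operator-facing behaviour consistent. Because `stderr=DEVNULL` discards occtl's own message, the exit text is the only diagnostic the operator sees, so it is worth keeping specific. The function body continues outside the hunk.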