summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2021-09-06 21:22:57 +0200
committerChristian Poessinger <christian@poessinger.com>2021-09-06 21:22:57 +0200
commitb45cef9185cc78de7bc4170403e47b8ee1d14e3b (patch)
tree6531187eccbe1041b3165963889e1354c8ee486b
parent84a429b41175b95634ec9492e0cf3a564a47abdd (diff)
downloadvyos-1x-b45cef9185cc78de7bc4170403e47b8ee1d14e3b.tar.gz
vyos-1x-b45cef9185cc78de7bc4170403e47b8ee1d14e3b.zip
pki: eapol: T3642: use write_file() to store certificates
-rwxr-xr-xsrc/conf_mode/interfaces-ethernet.py12
1 files changed, 5 insertions, 7 deletions
diff --git a/src/conf_mode/interfaces-ethernet.py b/src/conf_mode/interfaces-ethernet.py
index 2a094af52..31998a9a8 100755
--- a/src/conf_mode/interfaces-ethernet.py
+++ b/src/conf_mode/interfaces-ethernet.py
@@ -37,6 +37,7 @@ from vyos.pki import wrap_private_key
from vyos.template import render
from vyos.util import call
from vyos.util import dict_search
+from vyos.util import write_file
from vyos import ConfigError
from vyos import airbag
airbag.enable()
@@ -156,19 +157,16 @@ def generate(ethernet):
cert_name = ethernet['eapol']['certificate']
pki_cert = ethernet['pki']['certificate'][cert_name]
- with open(cert_file_path, 'w') as f:
- f.write(wrap_certificate(pki_cert['certificate']))
-
- with open(cert_key_path, 'w') as f:
- f.write(wrap_private_key(pki_cert['private']['key']))
+ write_file(cert_file_path, wrap_certificate(pki_cert['certificate']))
+ write_file(cert_key_path, wrap_private_key(pki_cert['private']['key']))
if 'ca_certificate' in ethernet['eapol']:
ca_cert_file_path = os.path.join(cfg_dir, f'{ifname}_ca.pem')
ca_cert_name = ethernet['eapol']['ca_certificate']
pki_ca_cert = ethernet['pki']['ca'][cert_name]
- with open(ca_cert_file_path, 'w') as f:
- f.write(wrap_certificate(pki_ca_cert['certificate']))
+ write_file(ca_cert_file_path,
+ wrap_certificate(pki_ca_cert['certificate']))
else:
# delete configuration on interface removal
if os.path.isfile(wpa_suppl_conf.format(**ethernet)):