diff options
| author | RageLtMan <rageltman [at] sempervictus> | 2022-08-18 18:57:19 -0400 |
|---|---|---|
| committer | RageLtMan <rageltman [at] sempervictus> | 2022-08-18 18:57:19 -0400 |
| commit | 4a5e4cfd6c11a6eed3252744ec45638249d6d2b1 (patch) | |
| tree | bde480434c5da416dd93f17874f3c45bb607f277 | |
| parent | 0b3bfe97b617b08ab9fd6682a0875c75c8a7bc5c (diff) | |
| download | vyos-1x-4a5e4cfd6c11a6eed3252744ec45638249d6d2b1.tar.gz vyos-1x-4a5e4cfd6c11a6eed3252744ec45638249d6d2b1.zip | |
T3896: update groupconfig syntax per PR1463
Address @sever-sever's suggestion to refactor how groupconfig is
defined, parsed, and set (with his proposed conditional string
appending Py-sugar). Use the disable-mobike refactor as template
for XML simplification.
Testing:
None yet
| -rw-r--r-- | data/templates/ocserv/ocserv_config.j2 | 6 | ||||
| -rw-r--r-- | interface-definitions/vpn-openconnect.xml.in | 17 |
2 files changed, 2 insertions, 21 deletions
diff --git a/data/templates/ocserv/ocserv_config.j2 b/data/templates/ocserv/ocserv_config.j2 index 5d5a4101b..fef49d30f 100644 --- a/data/templates/ocserv/ocserv_config.j2 +++ b/data/templates/ocserv/ocserv_config.j2 @@ -7,11 +7,7 @@ run-as-user = nobody run-as-group = daemon {% if "radius" in authentication.mode %} -{% if "yes" in authentication.radius.groupconfig %} -auth = "radius [config=/run/ocserv/radiusclient.conf,groupconfig=true]" -{% else %} -auth = "radius [config=/run/ocserv/radiusclient.conf]" -{% endif %} +auth = "radius [config=/run/ocserv/radiusclient.conf{{ ',groupconfig=true' if authentication.radius.groupconfig is vyos_defined else '' }}]" {% elif "local" in authentication.mode %} {% if authentication.mode.local == "password-otp" %} auth = "plain[passwd=/run/ocserv/ocpasswd,otp=/run/ocserv/users.oath]" diff --git a/interface-definitions/vpn-openconnect.xml.in b/interface-definitions/vpn-openconnect.xml.in index 54f93344b..7167b5d8d 100644 --- a/interface-definitions/vpn-openconnect.xml.in +++ b/interface-definitions/vpn-openconnect.xml.in @@ -156,23 +156,8 @@ </leafNode> <leafNode name="groupconfig"> <properties> - <help>If the groupconfig option is set to yes, then config-per-user will be overriden, and all configuration will be read from radius.</help> - <completionHelp> - <list>yes no</list> - </completionHelp> - <valueHelp> - <format>yes</format> - <description>Enable RADIUS acquisition of group properties</description> - </valueHelp> - <valueHelp> - <format>no</format> - <description>Disable RADIUS acquisition of group properties</description> - </valueHelp> - <constraint> - <regex>(yes|no)</regex> - </constraint> + <help>If the groupconfig option is set, then config-per-user will be overriden, and all configuration will be read from radius.</help> </properties> - <defaultValue>no</defaultValue> </leafNode> </children> </node> |