summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2022-05-19 20:56:28 +0200
committerChristian Poessinger <christian@poessinger.com>2022-05-19 20:56:28 +0200
commit6f818ee9033ee3abeedbed73eb44331dc27e7408 (patch)
treeb4ca9a65ec5e604c00746d85d44435ab545b0f03
parent05e952a5111fc7102ebf3007c1228bf1d34c6a09 (diff)
downloadvyos-1x-6f818ee9033ee3abeedbed73eb44331dc27e7408.tar.gz
vyos-1x-6f818ee9033ee3abeedbed73eb44331dc27e7408.zip
dmvpn: nhrp: T4434: secret length can not exceed 8 characters
-rwxr-xr-xsrc/conf_mode/protocols_nhrp.py7
1 files changed, 6 insertions, 1 deletions
diff --git a/src/conf_mode/protocols_nhrp.py b/src/conf_mode/protocols_nhrp.py
index b6371d09f..e4848dea5 100755
--- a/src/conf_mode/protocols_nhrp.py
+++ b/src/conf_mode/protocols_nhrp.py
@@ -1,6 +1,6 @@
#!/usr/bin/env python3
#
-# Copyright (C) 2021 VyOS maintainers and contributors
+# Copyright (C) 2021-2022 VyOS maintainers and contributors
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 or later as
@@ -81,6 +81,11 @@ def verify(nhrp):
for map_name, map_conf in nhrp_conf['dynamic_map'].items():
if 'nbma_domain_name' not in map_conf:
raise ConfigError(f'nbma-domain-name missing on dynamic-map {map_name} on tunnel {name}')
+
+ if 'cisco_authentication' in nhrp_conf:
+ if len(nhrp_conf['cisco_authentication']) > 8:
+ raise ConfigError('Maximum length of the secret is 8 characters!')
+
return None
def generate(nhrp):