diff options
author | Christian Poessinger <christian@poessinger.com> | 2021-05-24 20:50:03 +0200 |
---|---|---|
committer | Christian Poessinger <christian@poessinger.com> | 2021-05-24 20:50:03 +0200 |
commit | 714de9764012409921736787e664b030a33907b9 (patch) | |
tree | 6e4c5836764434c8b1616acbdcf479cf78895e08 | |
parent | e60d65e02f94deb9741bdd3d7f6621a79bf81fcf (diff) | |
download | vyos-1x-714de9764012409921736787e664b030a33907b9.tar.gz vyos-1x-714de9764012409921736787e664b030a33907b9.zip |
isis: T3417: implement domain-password md5
-rw-r--r-- | data/templates/frr/isis.frr.tmpl | 12 | ||||
-rw-r--r-- | interface-definitions/include/isis/protocol-common-config.xml.i | 2 | ||||
-rwxr-xr-x | src/conf_mode/protocols_isis.py | 8 |
3 files changed, 14 insertions, 8 deletions
diff --git a/data/templates/frr/isis.frr.tmpl b/data/templates/frr/isis.frr.tmpl index 58c44e2d4..540d91e3c 100644 --- a/data/templates/frr/isis.frr.tmpl +++ b/data/templates/frr/isis.frr.tmpl @@ -13,8 +13,12 @@ router isis VyOS {{ 'vrf ' + vrf if vrf is defined and vrf is not none }} {% if set_overload_bit is defined %} set-overload-bit {% endif %} -{% if domain_password is defined and domain_password.plaintext_password is defined and domain_password.plaintext_password is not none %} +{% if domain_password is defined and domain_password is not none %} +{% if domain_password.md5 is defined and domain_password.md5 is not none %} + domain-password md5 {{ domain_password.plaintext_password }} +{% elif domain_password.plaintext_password is defined and domain_password.plaintext_password is not none %} domain-password clear {{ domain_password.plaintext_password }} +{% endif %} {% endif %} {% if lsp_gen_interval is defined and lsp_gen_interval is not none %} lsp-gen-interval {{ lsp_gen_interval }} @@ -95,10 +99,12 @@ router isis VyOS {{ 'vrf ' + vrf if vrf is defined and vrf is not none }} {% if spf_delay_ietf is defined and spf_delay_ietf.init_delay is defined and spf_delay_ietf.init_delay is not none %} spf-delay-ietf init-delay {{ spf_delay_ietf.init_delay }} {% endif %} -{% if area_password is defined and area_password.md5 is defined and area_password.md5 is not none %} +{% if area_password is defined and area_password is not none %} +{% if area_password.md5 is defined and area_password.md5 is not none %} area-password md5 {{ area_password.md5 }} -{% elif area_password is defined and area_password.plaintext_password is defined and area_password.plaintext_password is not none %} +{% elif area_password.plaintext_password is defined and area_password.plaintext_password is not none %} area-password clear {{ area_password.plaintext_password }} +{% endif %} {% endif %} {% if default_information is defined and default_information.originate is defined and default_information.originate is not none %} {% for afi, afi_config in default_information.originate.items() %} diff --git a/interface-definitions/include/isis/protocol-common-config.xml.i b/interface-definitions/include/isis/protocol-common-config.xml.i index 9b8283f40..3ed0b0607 100644 --- a/interface-definitions/include/isis/protocol-common-config.xml.i +++ b/interface-definitions/include/isis/protocol-common-config.xml.i @@ -68,7 +68,6 @@ </valueHelp> </properties> </leafNode> -<!-- <leafNode name="md5"> <properties> <help>MD5 authentication type</help> @@ -78,7 +77,6 @@ </valueHelp> </properties> </leafNode> ---> </children> </node> <leafNode name="dynamic-hostname"> diff --git a/src/conf_mode/protocols_isis.py b/src/conf_mode/protocols_isis.py index ef21e0055..c3a444f16 100755 --- a/src/conf_mode/protocols_isis.py +++ b/src/conf_mode/protocols_isis.py @@ -128,9 +128,11 @@ def verify(isis): raise ConfigError(f'Interface {interface} is not a member of VRF {vrf}!') # If md5 and plaintext-password set at the same time - if 'area_password' in isis: - if {'md5', 'plaintext_password'} <= set(isis['encryption']): - raise ConfigError('Can not use both md5 and plaintext-password for ISIS area-password!') + for password in ['area_password', 'domain_password']: + if password in isis: + if {'md5', 'plaintext_password'} <= set(isis[password]): + tmp = password.replace('_', '-') + raise ConfigError(f'Can use either md5 or plaintext-password for {tmp}!') # If one param from delay set, but not set others if 'spf_delay_ietf' in isis: |