author | hagbard <vyosdev@derith.de> | 2019-09-10 11:28:53 -0700 |
---|---|---|
committer | hagbard <vyosdev@derith.de> | 2019-09-10 11:28:53 -0700 |
commit | db07e6fa76d90eaf80a06729753fb89266437674 (patch) | |
tree | 03fc289e6a3ab71d11e80a0d625338f4d506c33a | |
parent | 1017c8103f12ebd6db4f250d8a154571fff32db1 (diff) | |
download | vyos-1x-db07e6fa76d90eaf80a06729753fb89266437674.tar.gz vyos-1x-db07e6fa76d90eaf80a06729753fb89266437674.zip |
[wireguard]: T1650 - cli option to delete default wg key
-rw-r--r-- | op-mode-definitions/wireguard.xml | 6 | ||||
-rwxr-xr-x | src/conf_mode/interface-wireguard.py | 7 | ||||
-rwxr-xr-x | src/op_mode/wireguard.py | 18 |
3 files changed, 14 insertions, 17 deletions
diff --git a/op-mode-definitions/wireguard.xml b/op-mode-definitions/wireguard.xml index 785af202c..3c54c81bd 100644 --- a/op-mode-definitions/wireguard.xml +++ b/op-mode-definitions/wireguard.xml @@ -12,7 +12,7 @@ <properties> <help>generate a wireguard keypair</help> </properties> - <command>${vyos_op_scripts_dir}/wireguard.py --genkey</command> + <command>sudo ${vyos_op_scripts_dir}/wireguard.py --genkey</command> </leafNode> <leafNode name="preshared-key"> <properties> @@ -119,9 +119,9 @@ <help>Delete wireguard properties</help> </properties> <children> - <tagNode name="named-keypair"> + <tagNode name="keypair"> <properties> - <help>Delete wireguard named keypair</help> + <help>Delete a wireguard keypair</help> <completionHelp> <script>${vyos_op_scripts_dir}/wireguard.py --listkdir</script> </completionHelp> diff --git a/src/conf_mode/interface-wireguard.py b/src/conf_mode/interface-wireguard.py index 0f9e66aa6..d51a7a08d 100755 --- a/src/conf_mode/interface-wireguard.py +++ b/src/conf_mode/interface-wireguard.py @@ -31,7 +31,6 @@ intfc = WireGuardIf(ifname) kdir = r'/config/auth/wireguard' - def check_kmod(): if not os.path.exists('/sys/module/wireguard'): sl.syslog(sl.LOG_NOTICE, "loading wirguard kmod") @@ -55,7 +54,7 @@ def get_config(): 'fwmark': 0x00, 'mtu': 1420, 'peer': {}, - 'pk': '{}/private.key'.format(kdir) + 'pk' : '{}/default/private.key'.format(kdir) } } @@ -81,8 +80,7 @@ def get_config(): if c.exists(ifname + ' mtu'): config_data[ifname]['mtu'] = c.return_value(ifname + ' mtu') if c.exists(ifname + ' private-key'): - config_data[ifname]['pk'] = "{0}/{1}/private.key".format( - kdir, c.return_value(ifname + ' private-key')) + config_data[ifname]['pk'] = "{0}/{1}/private.key".format(kdir,c.return_value(ifname + ' private-key')) if c.exists(ifname + ' peer'): for p in c.list_nodes(ifname + ' peer'): if not c.exists(ifname + ' peer ' + p + ' disable'): @@ -113,7 +111,6 @@ def get_config(): return config_data - def verify(c): if not c: return None 
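Review bot: The `sudo` added to the `--genkey` command means the keypair is now created by root, and nothing on this page shows what mode or ownership `genkey()` gives `private.key`. genkey() is outside the visible hunks, so this is a request to confirm rather than a finding: the private key should be written under a restrictive umask (owner-only read/write) and its directory should not be readable by other local users. It is also worth checking that nodes which touch the same directories without `sudo`, such as the `--listkdir` completion script in the second hunk of this file, still work once those directories are root-owned.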
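Review bot: The fallback for `pk` in get_config() moves from `/config/auth/wireguard/private.key` to `/config/auth/wireguard/default/private.key`, and none of the three files in this commit moves a key that already exists at the old path. A system upgraded with an interface that relies on the default key would then point at a file that is not there; whether verify() catches that is outside the hunk, as are the start and end of get_config(). Consider either a one-time move of the old files into `default/` or a fallback to the old path when the new one is missing. As a style point, the new line is the only key in the dict written with a space before the colon; `'pk': '{}/default/private.key'.format(kdir)` would match the entries above it.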
diff --git a/src/op_mode/wireguard.py b/src/op_mode/wireguard.py index e48da2e40..4e93ec6aa 100755 --- a/src/op_mode/wireguard.py +++ b/src/op_mode/wireguard.py @@ -91,18 +91,16 @@ def genpsk(): subprocess.call(['wg genpsk'], shell=True) - def list_key_dirs(): - """ lists all dirs under /config/auth/wireguard """ + """ lists all dirs under /config/auth/wireguard """ if os.path.exists(dir): nks = next(os.walk(dir))[1] for nk in nks: print (nk) - def del_key_dir(kname): """ deletes /config/auth/wireguard/<kname> """ - kdir = "{0}/{1}".format(dir, kname) + kdir = "{0}/{1}".format(dir,kname) if not os.path.isdir(kdir): print ("named keypair {} not found".format(kname)) return 1 @@ -133,24 +131,26 @@ if __name__ == '__main__': if args.location: genkey("{0}/{1}".format(dir, args.location)) else: - genkey(dir) - + genkey("{}/default".format(dir)) if args.showpub: if args.location: showkey("{0}/{1}/public.key".format(dir, args.location)) else: - showkey("{}/public.key".format(dir)) + showkey("{}/default/public.key".format(dir)) if args.showpriv: if args.location: showkey("{0}/{1}/private.key".format(dir, args.location)) else: - showkey("{}/private".format(dir)) + showkey("{}/default/private.key".format(dir)) if args.genpsk: genpsk() if args.listkdir: list_key_dirs() if args.delkdir: - del_key_dir(args.location) + if args.location: + del_key_dir(args.location) + else: + del_key_dir("default") except ConfigError as e: print(e) |
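Review bot: `del_key_dir()` joins `kname` straight into the path with `"{0}/{1}".format(dir,kname)` and only checks `os.path.isdir()`, so a name containing `/` or `..` resolves to a directory outside `/config/auth/wireguard`. The same unvalidated join is applied to `args.location` for genkey and showkey in the `__main__` hunk of this file, and the XML change in this commit runs `--genkey` under `sudo`. Reject such names before building the path, for example `if os.path.basename(kname) != kname or kname in ('', '.', '..'):` followed by `return 1`. The part of del_key_dir() that performs the removal is outside the hunk, so the impact there is inferred from the docstring. Separately, `dir` shadows the builtin, and `dir,kname` drops the space after the comma that the old line had.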
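Review bot: In the `args.delkdir` branch the value returned by `del_key_dir()` is discarded, so the command reports success even when the function printed "named keypair ... not found" and returned 1. With the new fallback, `--delkdir` without a location removes `default`, which is the same directory interface-wireguard.py now uses for `pk` when no `private-key` is configured, and nothing in this hunk checks whether an interface still depends on it. Consider capturing the status with `rc = del_key_dir(args.location or "default")` and exiting with it, and warning or refusing when the default key is still referenced. The `__main__` block starts outside the hunk, so argument parsing is not visible here.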