diff options
| author | Andrew Gunnerson <chillermillerlong@hotmail.com> | 2022-02-14 17:02:13 -0500 |
|---|---|---|
| committer | Andrew Gunnerson <chillermillerlong@hotmail.com> | 2022-02-14 17:23:21 -0500 |
| commit | e00edb0072ceb07b92be826984154afeb6c567d3 (patch) | |
| tree | a6cdf5fd600d5cbd1f33969b79440e1fb99b3623 | |
| parent | 122c7a53575f67759f157e02eca776f799658dc1 (diff) | |
| download | vyos-1x-e00edb0072ceb07b92be826984154afeb6c567d3.tar.gz vyos-1x-e00edb0072ceb07b92be826984154afeb6c567d3.zip | |
pki: eapol: T4244: Fix KeyError when CA cert name differs from client cert name
This commit fixes a small typo where the client cert name was being used
to index the CA configuration dict.
Signed-off-by: Andrew Gunnerson <chillermillerlong@hotmail.com>
| -rw-r--r-- | python/vyos/configverify.py | 2 | ||||
| -rwxr-xr-x | src/conf_mode/interfaces-ethernet.py | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/python/vyos/configverify.py b/python/vyos/configverify.py index 365a28feb..18fb7f9f7 100644 --- a/python/vyos/configverify.py +++ b/python/vyos/configverify.py @@ -173,7 +173,7 @@ def verify_eapol(config): if ca_cert_name not in config['pki']['ca']: raise ConfigError('Invalid CA certificate specified for EAPoL') - ca_cert = config['pki']['ca'][cert_name] + ca_cert = config['pki']['ca'][ca_cert_name] if 'certificate' not in ca_cert: raise ConfigError('Invalid CA certificate specified for EAPoL') diff --git a/src/conf_mode/interfaces-ethernet.py b/src/conf_mode/interfaces-ethernet.py index e7250fb49..ab8d58f81 100755 --- a/src/conf_mode/interfaces-ethernet.py +++ b/src/conf_mode/interfaces-ethernet.py @@ -165,7 +165,7 @@ def generate(ethernet): if 'ca_certificate' in ethernet['eapol']: ca_cert_file_path = os.path.join(cfg_dir, f'{ifname}_ca.pem') ca_cert_name = ethernet['eapol']['ca_certificate'] - pki_ca_cert = ethernet['pki']['ca'][cert_name] + pki_ca_cert = ethernet['pki']['ca'][ca_cert_name] write_file(ca_cert_file_path, wrap_certificate(pki_ca_cert['certificate'])) |