macsec: T5447: fix error message syntax - there is no tx and rx key, only key

(cherry picked from commit f29caa824c02c833a3978b9236391e4277c1a6ba)
author: Christian Breunig <christian@breunig.cc> 2024-06-19 21:18:53 +0200
committer: Mergify <37929162+mergify[bot]@users.noreply.github.com> 2024-06-19 19:24:40 +0000
commit: 0ef709dc082c97a5e0d1e19646ead98036d9a85c (patch)
tree: f3392fce588edee39cea24b552c7143ccdcceb52
parent: 5d46c64a3041504a81e630790a88738300b232c1 (diff)
download: vyos-1x-0ef709dc082c97a5e0d1e19646ead98036d9a85c.tar.gz
vyos-1x-0ef709dc082c97a5e0d1e19646ead98036d9a85c.zip
3 files changed, 10 insertions, 10 deletions
diff --git a/python/vyos/ifconfig/macsec.py b/python/vyos/ifconfig/macsec.py
index bde1d9aec..383905814 100644
--- a/python/vyos/ifconfig/macsec.py
+++ b/python/vyos/ifconfig/macsec.py
@@ -66,7 +66,7 @@ class MACsecIf(Interface):
                 cmd = 'ip macsec add {ifname} rx port 1 address'.format(**self.config)
                 cmd += f' {peer_config["mac"]}'
                 self._cmd(cmd)
-                # Add the rx-key to the address
+                # Add the encryption key to the address
                 cmd += f' sa 0 pn 1 on key 01 {peer_config["key"]}'
                 self._cmd(cmd)
 
diff --git a/smoketest/scripts/cli/test_interfaces_macsec.py b/smoketest/scripts/cli/test_interfaces_macsec.py
index a4e6840ca..d73895b7f 100755
--- a/smoketest/scripts/cli/test_interfaces_macsec.py
+++ b/smoketest/scripts/cli/test_interfaces_macsec.py
@@ -225,11 +225,11 @@ class MACsecInterfaceTest(BasicInterfaceTest.TestCase):
             self.cli_commit()
         self.cli_delete(self._base_path + [interface, 'security', 'mka'])
 
-        # check validate() - tx-key required
+        # check validate() - key required
         with self.assertRaises(ConfigSessionError):
             self.cli_commit()
 
-        # check validate() - tx-key length must match cipher
+        # check validate() - key length must match cipher
         self.cli_set(self._base_path + [interface, 'security', 'static', 'key', tx_key_2])
         with self.assertRaises(ConfigSessionError):
             self.cli_commit()
@@ -239,7 +239,7 @@ class MACsecInterfaceTest(BasicInterfaceTest.TestCase):
         with self.assertRaises(ConfigSessionError):
             self.cli_commit()
 
-        # check validate() - enabled peer must have both rx-key and MAC defined
+        # check validate() - enabled peer must have both key and MAC defined
         self.cli_set(self._base_path + [interface, 'security', 'static', 'peer', 'TESTPEER'])
         with self.assertRaises(ConfigSessionError):
             self.cli_commit()
@@ -252,7 +252,7 @@ class MACsecInterfaceTest(BasicInterfaceTest.TestCase):
             self.cli_commit()
         self.cli_set(self._base_path + [interface, 'security', 'static', 'peer', 'TESTPEER', 'mac', peer_mac])
 
-        # check validate() - peer rx-key length must match cipher
+        # check validate() - peer key length must match cipher
         self.cli_set(self._base_path + [interface, 'security', 'cipher', cipher2])
         self.cli_set(self._base_path + [interface, 'security', 'static', 'key', tx_key_2])
         with self.assertRaises(ConfigSessionError):
diff --git a/src/conf_mode/interfaces_macsec.py b/src/conf_mode/interfaces_macsec.py
index eb0ca9a8b..3ede4377a 100755
--- a/src/conf_mode/interfaces_macsec.py
+++ b/src/conf_mode/interfaces_macsec.py
@@ -103,9 +103,9 @@ def verify(macsec):
 
         # Logic to check static configuration
         if dict_search('security.static', macsec) != None:
-            # tx-key must be defined
+            # key must be defined
             if dict_search('security.static.key', macsec) == None:
-                raise ConfigError('Static MACsec tx-key must be defined.')
+                raise ConfigError('Static MACsec key must be defined.')
 
             tx_len = len(dict_search('security.static.key', macsec))
 
@@ -119,12 +119,12 @@ def verify(macsec):
             if 'peer' not in macsec['security']['static']:
                 raise ConfigError('Must have at least one peer defined for static MACsec')
 
-            # For every enabled peer, make sure a MAC and rx-key is defined
+            # For every enabled peer, make sure a MAC and key is defined
             for peer, peer_config in macsec['security']['static']['peer'].items():
                 if 'disable' not in peer_config and ('mac' not in peer_config or 'key' not in peer_config):
-                    raise ConfigError('Every enabled MACsec static peer must have a MAC address and rx-key defined.')
+                    raise ConfigError('Every enabled MACsec static peer must have a MAC address and key defined!')
 
-                # check rx-key length against cipher suite
+                # check key length against cipher suite
                 rx_len = len(peer_config['key'])
 
                 if dict_search('security.cipher', macsec) == 'gcm-aes-128' and rx_len != GCM_AES_128_LEN:
author	Christian Breunig <christian@breunig.cc>	2024-06-19 21:18:53 +0200
committer	Mergify <37929162+mergify[bot]@users.noreply.github.com>	2024-06-19 19:24:40 +0000
commit	0ef709dc082c97a5e0d1e19646ead98036d9a85c (patch)
tree	f3392fce588edee39cea24b552c7143ccdcceb52
parent	5d46c64a3041504a81e630790a88738300b232c1 (diff)
download	vyos-1x-0ef709dc082c97a5e0d1e19646ead98036d9a85c.tar.gz vyos-1x-0ef709dc082c97a5e0d1e19646ead98036d9a85c.zip