summaryrefslogtreecommitdiff
path: root/data
diff options
context:
space:
mode:
authorViacheslav Hletenko <v.gletenko@vyos.io>2024-11-19 17:44:58 +0000
committerViacheslav Hletenko <v.gletenko@vyos.io>2024-11-21 13:34:51 +0000
commit5c7647bcc242d4b26cd9afdde1f084ef93916727 (patch)
treef87fe803bce58e2245b7273cf95c8ffc69e6f734 /data
parent8f76c96cb4d7132b7654aa5f37e8ab49fa2e137a (diff)
downloadvyos-1x-5c7647bcc242d4b26cd9afdde1f084ef93916727.tar.gz
vyos-1x-5c7647bcc242d4b26cd9afdde1f084ef93916727.zip
T264: IPsec add base64 encoded secret-type feature
Add the ability to configure base64 encoded passwords for VPN IPSec site-to-site peers authentication psk PSK secret 'xxxxx==' authentication psk PSK secret-type <base64|plaintext>
Diffstat (limited to 'data')
-rw-r--r--data/templates/ipsec/swanctl.conf.j24
1 files changed, 4 insertions, 0 deletions
diff --git a/data/templates/ipsec/swanctl.conf.j2 b/data/templates/ipsec/swanctl.conf.j2
index 698a9135e..64e7ea860 100644
--- a/data/templates/ipsec/swanctl.conf.j2
+++ b/data/templates/ipsec/swanctl.conf.j2
@@ -87,7 +87,11 @@ secrets {
id-{{ gen_uuid }} = "{{ id }}"
{% endfor %}
{% endif %}
+{% if psk_config.secret_type is vyos_defined('base64') %}
+ secret = 0s{{ psk_config.secret }}
+{% elif psk_config.secret_type is vyos_defined('plaintext') %}
secret = "{{ psk_config.secret }}"
+{% endif %}
}
{% endfor %}
{% endif %}