summaryrefslogtreecommitdiff
path: root/interface-definitions
diff options
context:
space:
mode:
authorsarthurdev <965089+sarthurdev@users.noreply.github.com>2021-06-29 11:06:44 +0200
committersarthurdev <965089+sarthurdev@users.noreply.github.com>2021-06-29 21:26:44 +0200
commitf5a8a9cdfe52c331177c8bc7b8fb84fc08d4f60a (patch)
tree932113197018d823ca83e092139c8a06f89e3b99 /interface-definitions
parent6f66e71e4622c54058b8689d4be730905d69fe22 (diff)
downloadvyos-1x-f5a8a9cdfe52c331177c8bc7b8fb84fc08d4f60a.tar.gz
vyos-1x-f5a8a9cdfe52c331177c8bc7b8fb84fc08d4f60a.zip
pki: ipsec: T3642: Migrate IPSec to use PKI configuration
Diffstat (limited to 'interface-definitions')
-rw-r--r--interface-definitions/include/pki/certificate-key.xml.i15
-rw-r--r--interface-definitions/include/pki/dh-parameters.xml.i14
-rw-r--r--interface-definitions/include/pki/openvpn_tls-auth.xml.i14
-rw-r--r--interface-definitions/pki.xml.in8
-rw-r--r--interface-definitions/vpn_ipsec.xml.in38
5 files changed, 8 insertions, 81 deletions
diff --git a/interface-definitions/include/pki/certificate-key.xml.i b/interface-definitions/include/pki/certificate-key.xml.i
index b68f38442..7f26d25c1 100644
--- a/interface-definitions/include/pki/certificate-key.xml.i
+++ b/interface-definitions/include/pki/certificate-key.xml.i
@@ -1,17 +1,6 @@
<!-- include start from pki/certificate-key.xml.i -->
-<leafNode name="certificate">
- <properties>
- <help>Certificate and private key in PKI configuration</help>
- <valueHelp>
- <format>cert name</format>
- <description>Name of certificate in PKI configuration</description>
- </valueHelp>
- <completionHelp>
- <path>pki certificate</path>
- </completionHelp>
- </properties>
-</leafNode>
-<leafNode name="private-key-passphrase">
+#include <include/pki/certificate.xml.i>
+<leafNode name="passphrase">
<properties>
<help>Private key passphrase</help>
<valueHelp>
diff --git a/interface-definitions/include/pki/dh-parameters.xml.i b/interface-definitions/include/pki/dh-parameters.xml.i
deleted file mode 100644
index 6e69528e7..000000000
--- a/interface-definitions/include/pki/dh-parameters.xml.i
+++ /dev/null
@@ -1,14 +0,0 @@
-<!-- include start from pki/dh-parameters.xml.i -->
-<leafNode name="dh-parameters">
- <properties>
- <help>Diffie-Hellman parameters in PKI configuration</help>
- <valueHelp>
- <format>DH name</format>
- <description>Name of DH params in PKI configuration</description>
- </valueHelp>
- <completionHelp>
- <path>pki dh</path>
- </completionHelp>
- </properties>
-</leafNode>
-<!-- include end -->
diff --git a/interface-definitions/include/pki/openvpn_tls-auth.xml.i b/interface-definitions/include/pki/openvpn_tls-auth.xml.i
deleted file mode 100644
index 2b9a69653..000000000
--- a/interface-definitions/include/pki/openvpn_tls-auth.xml.i
+++ /dev/null
@@ -1,14 +0,0 @@
-<!-- include start from pki/openvpn_tls-auth.xml.i -->
-<leafNode name="auth-key">
- <properties>
- <help>Static key for tls-auth in PKI configuration</help>
- <valueHelp>
- <format>key name</format>
- <description>Name of static key in PKI configuration</description>
- </valueHelp>
- <completionHelp>
- <path>pki openvpn tls-auth</path>
- </completionHelp>
- </properties>
-</leafNode>
-<!-- include end -->
diff --git a/interface-definitions/pki.xml.in b/interface-definitions/pki.xml.in
index e818ae438..4b082cbc4 100644
--- a/interface-definitions/pki.xml.in
+++ b/interface-definitions/pki.xml.in
@@ -141,19 +141,19 @@
<help>OpenVPN keys</help>
</properties>
<children>
- <tagNode name="tls-auth">
+ <tagNode name="shared-secret">
<properties>
- <help>OpenVPN TLS auth key</help>
+ <help>OpenVPN shared secret key</help>
</properties>
<children>
<leafNode name="key">
<properties>
- <help>OpenVPN TLS auth key data</help>
+ <help>OpenVPN shared secret key data</help>
</properties>
</leafNode>
<leafNode name="version">
<properties>
- <help>OpenVPN TLS auth key version</help>
+ <help>OpenVPN shared secret key version</help>
</properties>
</leafNode>
</children>
diff --git a/interface-definitions/vpn_ipsec.xml.in b/interface-definitions/vpn_ipsec.xml.in
index 2031217ba..7b1b3a595 100644
--- a/interface-definitions/vpn_ipsec.xml.in
+++ b/interface-definitions/vpn_ipsec.xml.in
@@ -804,42 +804,8 @@
<help>X.509 certificate</help>
</properties>
<children>
- #include <include/certificate.xml.i>
- #include <include/certificate-ca.xml.i>
- <leafNode name="crl-file">
- <properties>
- <help>File containing the X.509 Certificate Revocation List (CRL)</help>
- <valueHelp>
- <format>txt</format>
- <description>File in /config/auth</description>
- </valueHelp>
- </properties>
- </leafNode>
- <node name="key">
- <properties>
- <help>Key file and password to open it</help>
- </properties>
- <children>
- <leafNode name="file">
- <properties>
- <help>File containing the private key for the X.509 certificate for this host</help>
- <valueHelp>
- <format>txt</format>
- <description>File in /config/auth</description>
- </valueHelp>
- </properties>
- </leafNode>
- <leafNode name="password">
- <properties>
- <help>Password that protects the private key</help>
- <valueHelp>
- <format>txt</format>
- <description>Password that protects the private key</description>
- </valueHelp>
- </properties>
- </leafNode>
- </children>
- </node>
+ #include <include/pki/certificate-key.xml.i>
+ #include <include/pki/ca-certificate.xml.i>
</children>
</node>
</children>