diff options
| author | Christian Breunig <christian@breunig.cc> | 2023-08-31 17:14:53 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-08-31 17:14:53 +0200 |
| commit | ca0cf364f05b391fbe2ebd1e87e2a022d94a2e6d (patch) | |
| tree | 8452663292e66d52a0411a7ae4f8c9b2c5eaa02e /python | |
| parent | af737cf57e53a08a53ec2037ee476ee9098d8216 (diff) | |
| parent | 493d060922f638d81dd5d4a81ffdf19e16943e3e (diff) | |
| download | vyos-1x-ca0cf364f05b391fbe2ebd1e87e2a022d94a2e6d.tar.gz vyos-1x-ca0cf364f05b391fbe2ebd1e87e2a022d94a2e6d.zip | |
Merge pull request #2190 from sarthurdev/T4782
eapol: T4782: Support multiple CA chains
Diffstat (limited to 'python')
| -rw-r--r-- | python/vyos/configverify.py | 13 |
1 files changed, 6 insertions, 7 deletions
diff --git a/python/vyos/configverify.py b/python/vyos/configverify.py index 5b94bd98b..52f9238b8 100644 --- a/python/vyos/configverify.py +++ b/python/vyos/configverify.py @@ -187,15 +187,14 @@ def verify_eapol(config): if 'ca' not in config['pki']: raise ConfigError('Invalid CA certificate specified for EAPoL') - ca_cert_name = config['eapol']['ca_certificate'] + for ca_cert_name in config['eapol']['ca_certificate']: + if ca_cert_name not in config['pki']['ca']: + raise ConfigError('Invalid CA certificate specified for EAPoL') - if ca_cert_name not in config['pki']['ca']: - raise ConfigError('Invalid CA certificate specified for EAPoL') - - ca_cert = config['pki']['ca'][ca_cert_name] + ca_cert = config['pki']['ca'][ca_cert_name] - if 'certificate' not in ca_cert: - raise ConfigError('Invalid CA certificate specified for EAPoL') + if 'certificate' not in ca_cert: + raise ConfigError('Invalid CA certificate specified for EAPoL') def verify_mirror_redirect(config): """ |