diff options
author | Christian Breunig <christian@breunig.cc> | 2024-01-03 21:57:00 +0100 |
---|---|---|
committer | Mergify <37929162+mergify[bot]@users.noreply.github.com> | 2024-01-04 06:58:41 +0000 |
commit | 706fdbb234202723e02f93ad8eb724649181a60a (patch) | |
tree | 14ad877fe86882f8325f6bda83471197aecc6c45 /src/conf_mode/service_https.py | |
parent | 4b06cac36c8ca4d63926871885e8ac52a5a899f1 (diff) | |
download | vyos-1x-706fdbb234202723e02f93ad8eb724649181a60a.tar.gz vyos-1x-706fdbb234202723e02f93ad8eb724649181a60a.zip |
configdict: T5894: add get_config_dict() flag with_pki
VyOS has several services relaying on the PKI CLI tree to retrieve certificates.
Consuming services like ethernet, openvpn or ipsec all re-implemented the same
code to retrieve the certificates from the CLI.
This commit extends the signature of get_config_dict() with a new option with_pki
that defaults to false. If this option is set, the PKI CLI tree will be blended
into the resulting dictionary.
(cherry picked from commit b152b52023ba0cf0d4919eae39e92de28a458917)
Diffstat (limited to 'src/conf_mode/service_https.py')
-rwxr-xr-x | src/conf_mode/service_https.py | 11 |
1 files changed, 3 insertions, 8 deletions
diff --git a/src/conf_mode/service_https.py b/src/conf_mode/service_https.py index 3dc5dfc01..cb40acc9f 100755 --- a/src/conf_mode/service_https.py +++ b/src/conf_mode/service_https.py @@ -1,6 +1,6 @@ #!/usr/bin/env python3 # -# Copyright (C) 2019-2023 VyOS maintainers and contributors +# Copyright (C) 2019-2024 VyOS maintainers and contributors # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License version 2 or later as @@ -78,12 +78,7 @@ def get_config(config=None): diff = get_config_diff(conf) - https = conf.get_config_dict(base, get_first_key=True) - - if https: - https['pki'] = conf.get_config_dict(['pki'], key_mangling=('-', '_'), - no_tag_node_value_mangle=True, - get_first_key=True) + https = conf.get_config_dict(base, get_first_key=True, with_pki=True) https['children_changed'] = diff.node_changed_children(base) https['api_add_or_delete'] = diff.node_changed_presence(base + ['api']) @@ -119,7 +114,7 @@ def verify(https): if 'certificate' in certificates: if not https['pki']: - raise ConfigError("PKI is not configured") + raise ConfigError('PKI is not configured') cert_name = certificates['certificate'] |