summaryrefslogtreecommitdiff
path: root/src/conf_mode/service_https.py
diff options
context:
space:
mode:
authorChristian Breunig <christian@breunig.cc>2024-01-03 21:57:00 +0100
committerChristian Breunig <christian@breunig.cc>2024-01-04 07:55:13 +0100
commitb152b52023ba0cf0d4919eae39e92de28a458917 (patch)
treec8c6cdbdeccd48ff60a0ef6b0b6ed0d339687969 /src/conf_mode/service_https.py
parent301312b293238d3041c8912af6fdb86b506d7ab4 (diff)
downloadvyos-1x-b152b52023ba0cf0d4919eae39e92de28a458917.tar.gz
vyos-1x-b152b52023ba0cf0d4919eae39e92de28a458917.zip
configdict: T5894: add get_config_dict() flag with_pki
VyOS has several services relaying on the PKI CLI tree to retrieve certificates. Consuming services like ethernet, openvpn or ipsec all re-implemented the same code to retrieve the certificates from the CLI. This commit extends the signature of get_config_dict() with a new option with_pki that defaults to false. If this option is set, the PKI CLI tree will be blended into the resulting dictionary.
Diffstat (limited to 'src/conf_mode/service_https.py')
-rwxr-xr-xsrc/conf_mode/service_https.py11
1 files changed, 3 insertions, 8 deletions
diff --git a/src/conf_mode/service_https.py b/src/conf_mode/service_https.py
index 3dc5dfc01..cb40acc9f 100755
--- a/src/conf_mode/service_https.py
+++ b/src/conf_mode/service_https.py
@@ -1,6 +1,6 @@
#!/usr/bin/env python3
#
-# Copyright (C) 2019-2023 VyOS maintainers and contributors
+# Copyright (C) 2019-2024 VyOS maintainers and contributors
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 or later as
@@ -78,12 +78,7 @@ def get_config(config=None):
diff = get_config_diff(conf)
- https = conf.get_config_dict(base, get_first_key=True)
-
- if https:
- https['pki'] = conf.get_config_dict(['pki'], key_mangling=('-', '_'),
- no_tag_node_value_mangle=True,
- get_first_key=True)
+ https = conf.get_config_dict(base, get_first_key=True, with_pki=True)
https['children_changed'] = diff.node_changed_children(base)
https['api_add_or_delete'] = diff.node_changed_presence(base + ['api'])
@@ -119,7 +114,7 @@ def verify(https):
if 'certificate' in certificates:
if not https['pki']:
- raise ConfigError("PKI is not configured")
+ raise ConfigError('PKI is not configured')
cert_name = certificates['certificate']