diff options
author | Christian Poessinger <christian@poessinger.com> | 2021-07-18 20:36:05 +0200 |
---|---|---|
committer | Christian Poessinger <christian@poessinger.com> | 2021-07-18 20:36:05 +0200 |
commit | e202bff7824621c54ad137f4dd02d3b6e77cc5ff (patch) | |
tree | 3d52b4a2618bc9a3d9c8acd46fae664bd066ad2d /src/conf_mode/vpn_ipsec.py | |
parent | cb58eaaeff508d338c476071edc2332be5605fb8 (diff) | |
download | vyos-1x-e202bff7824621c54ad137f4dd02d3b6e77cc5ff.tar.gz vyos-1x-e202bff7824621c54ad137f4dd02d3b6e77cc5ff.zip |
ipsec: l2tp: T2816: use common if 'key' in dict pattern
Diffstat (limited to 'src/conf_mode/vpn_ipsec.py')
-rwxr-xr-x | src/conf_mode/vpn_ipsec.py | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/src/conf_mode/vpn_ipsec.py b/src/conf_mode/vpn_ipsec.py index a359361f3..0bb74d2dd 100755 --- a/src/conf_mode/vpn_ipsec.py +++ b/src/conf_mode/vpn_ipsec.py @@ -115,10 +115,11 @@ def get_config(config=None): get_first_key=True, no_tag_node_value_mangle=True) - ipsec['l2tp'] = conf.get_config_dict(l2tp_base, key_mangling=('-', '_'), + tmp = conf.get_config_dict(l2tp_base, key_mangling=('-', '_'), get_first_key=True, no_tag_node_value_mangle=True) - if ipsec['l2tp']: + if tmp: + ipsec['l2tp'] = tmp l2tp_defaults = defaults(l2tp_base) ipsec['l2tp'] = dict_merge(l2tp_defaults, ipsec['l2tp']) ipsec['l2tp_outside_address'] = conf.return_value(['vpn', 'l2tp', 'remote-access', 'outside-address']) @@ -177,7 +178,7 @@ def verify(ipsec): for ifname in ipsec['interface']: verify_interface_exists(ifname) - if ipsec['l2tp']: + if 'l2tp' in ipsec: if 'esp_group' in ipsec['l2tp']: if 'esp_group' not in ipsec or ipsec['l2tp']['esp_group'] not in ipsec['esp_group']: raise ConfigError(f"Invalid esp-group on L2TP remote-access config") @@ -426,7 +427,7 @@ def generate(ipsec): if not os.path.exists(KEY_PATH): os.mkdir(KEY_PATH, mode=0o700) - if ipsec['l2tp']: + if 'l2tp' in ipsec: if 'authentication' in ipsec['l2tp'] and 'x509' in ipsec['l2tp']['authentication']: generate_pki_files_x509(ipsec['pki'], ipsec['l2tp']['authentication']['x509']) |