summaryrefslogtreecommitdiff
path: root/src/conf_mode/vpn_ipsec.py
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2021-07-18 20:36:05 +0200
committerChristian Poessinger <christian@poessinger.com>2021-07-18 20:36:05 +0200
commite202bff7824621c54ad137f4dd02d3b6e77cc5ff (patch)
tree3d52b4a2618bc9a3d9c8acd46fae664bd066ad2d /src/conf_mode/vpn_ipsec.py
parentcb58eaaeff508d338c476071edc2332be5605fb8 (diff)
downloadvyos-1x-e202bff7824621c54ad137f4dd02d3b6e77cc5ff.tar.gz
vyos-1x-e202bff7824621c54ad137f4dd02d3b6e77cc5ff.zip
ipsec: l2tp: T2816: use common if 'key' in dict pattern
Diffstat (limited to 'src/conf_mode/vpn_ipsec.py')
-rwxr-xr-xsrc/conf_mode/vpn_ipsec.py9
1 files changed, 5 insertions, 4 deletions
diff --git a/src/conf_mode/vpn_ipsec.py b/src/conf_mode/vpn_ipsec.py
index a359361f3..0bb74d2dd 100755
--- a/src/conf_mode/vpn_ipsec.py
+++ b/src/conf_mode/vpn_ipsec.py
@@ -115,10 +115,11 @@ def get_config(config=None):
get_first_key=True,
no_tag_node_value_mangle=True)
- ipsec['l2tp'] = conf.get_config_dict(l2tp_base, key_mangling=('-', '_'),
+ tmp = conf.get_config_dict(l2tp_base, key_mangling=('-', '_'),
get_first_key=True,
no_tag_node_value_mangle=True)
- if ipsec['l2tp']:
+ if tmp:
+ ipsec['l2tp'] = tmp
l2tp_defaults = defaults(l2tp_base)
ipsec['l2tp'] = dict_merge(l2tp_defaults, ipsec['l2tp'])
ipsec['l2tp_outside_address'] = conf.return_value(['vpn', 'l2tp', 'remote-access', 'outside-address'])
@@ -177,7 +178,7 @@ def verify(ipsec):
for ifname in ipsec['interface']:
verify_interface_exists(ifname)
- if ipsec['l2tp']:
+ if 'l2tp' in ipsec:
if 'esp_group' in ipsec['l2tp']:
if 'esp_group' not in ipsec or ipsec['l2tp']['esp_group'] not in ipsec['esp_group']:
raise ConfigError(f"Invalid esp-group on L2TP remote-access config")
@@ -426,7 +427,7 @@ def generate(ipsec):
if not os.path.exists(KEY_PATH):
os.mkdir(KEY_PATH, mode=0o700)
- if ipsec['l2tp']:
+ if 'l2tp' in ipsec:
if 'authentication' in ipsec['l2tp'] and 'x509' in ipsec['l2tp']['authentication']:
generate_pki_files_x509(ipsec['pki'], ipsec['l2tp']['authentication']['x509'])