summaryrefslogtreecommitdiff
path: root/src/migration-scripts/sstp/0-to-1
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2020-03-20 21:54:05 +0100
committerChristian Poessinger <christian@poessinger.com>2020-03-20 23:25:05 +0100
commit86e47301786da64a035156edd24ed2ec89918a49 (patch)
tree4c76075673e16e36ba082a21ea268884aa350d3e /src/migration-scripts/sstp/0-to-1
parent806f912d8bf1af148623bd0d2e14dbdeaa059a6f (diff)
downloadvyos-1x-86e47301786da64a035156edd24ed2ec89918a49.tar.gz
vyos-1x-86e47301786da64a035156edd24ed2ec89918a49.zip
sstp: T2110: use uniform RADIUS CLI syntax
- migrate RADIUS configuration to a more uniform syntax accross the system - authentication radius-server x.x.x.x to authentication radius server x.x.x.x - authentication radius-settings to authentication radius
Diffstat (limited to 'src/migration-scripts/sstp/0-to-1')
-rwxr-xr-xsrc/migration-scripts/sstp/0-to-151
1 files changed, 49 insertions, 2 deletions
diff --git a/src/migration-scripts/sstp/0-to-1 b/src/migration-scripts/sstp/0-to-1
index 88d3b4fb4..652a2662f 100755
--- a/src/migration-scripts/sstp/0-to-1
+++ b/src/migration-scripts/sstp/0-to-1
@@ -14,7 +14,12 @@
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
# - migrate from "service sstp-server" to "vpn sstp"
+# - remove primary/secondary identifier from nameserver
+# - migrate RADIUS configuration to a more uniform syntax accross the system
+# - authentication radius-server x.x.x.x to authentication radius server x.x.x.x
+# - authentication radius-settings to authentication radius
import os
import sys
@@ -58,8 +63,50 @@ else:
config.delete(dns_base)
- print(config.to_string())
- sys.exit(1)
+
+ # migrate radius options - copy subtree
+ # thus must happen before migration of the individual RADIUS servers
+ old_options = new_base + ['authentication', 'radius-settings']
+ new_options = new_base + ['authentication', 'radius']
+ config.copy(old_options, new_options)
+ config.delete(old_options)
+
+
+ # migrate radius dynamic author / change of authorisation server
+ dae_old = new_base + ['authentication', 'radius', 'dae-server']
+ if config.exists(dae_old):
+ config.rename(dae_old, 'dynamic-author')
+ dae_new = new_base + ['authentication', 'radius', 'dynamic-author']
+
+ if config.exists(dae_new + ['ip-address']):
+ config.rename(dae_new + ['ip-address'], 'server')
+
+ if config.exists(dae_new + ['secret']):
+ config.rename(dae_new + ['secret'], 'key')
+
+
+ # migrate radius server
+ radius_server = new_base + ['authentication', 'radius-server']
+ if config.exists(radius_server):
+ for server in config.list_nodes(radius_server):
+ base = radius_server + [server]
+ new = new_base + ['authentication', 'radius', 'server', server]
+
+ # convert secret to key
+ if config.exists(base + ['secret']):
+ tmp = config.return_value(base + ['secret'])
+ config.set(new + ['key'], value=tmp)
+
+ if config.exists(base + ['fail-time']):
+ tmp = config.return_value(base + ['fail-time'])
+ config.set(new + ['fail-time'], value=tmp)
+
+ if config.exists(base + ['req-limit']):
+ tmp = config.return_value(base + ['req-limit'])
+ config.set(new + ['req-limit'], value=tmp)
+
+ config.set_tag(new_base + ['authentication', 'radius', 'server'])
+ config.delete(radius_server)
try:
with open(file_name, 'w') as f: