summaryrefslogtreecommitdiff
path: root/src/op_mode
diff options
context:
space:
mode:
authorChristian Breunig <christian@breunig.cc>2023-09-06 20:25:33 +0200
committerGitHub <noreply@github.com>2023-09-06 20:25:33 +0200
commit1cad06b6db6377b7bb018990f57329b832270a6c (patch)
treef03428bedec949f474bb2a0e4b74191804f8d4d2 /src/op_mode
parente0825b52df4a2a4ce6d137bb8adc553f6e71fc0b (diff)
parent97326920e2907bdb545853887dc54c6a02b76f28 (diff)
downloadvyos-1x-1cad06b6db6377b7bb018990f57329b832270a6c.tar.gz
vyos-1x-1cad06b6db6377b7bb018990f57329b832270a6c.zip
Merge pull request #2206 from sever-sever/T5423
T5423: Fix for op-mode show vpn ike secrets
Diffstat (limited to 'src/op_mode')
-rwxr-xr-xsrc/op_mode/ipsec.py39
1 files changed, 39 insertions, 0 deletions
diff --git a/src/op_mode/ipsec.py b/src/op_mode/ipsec.py
index 57d3cfed9..44d41219e 100755
--- a/src/op_mode/ipsec.py
+++ b/src/op_mode/ipsec.py
@@ -779,6 +779,45 @@ def show_ra_summary(raw: bool):
return _get_formatted_output_ra_summary(list_sa)
+# PSK block
+def _get_raw_psk():
+ conf: ConfigTreeQuery = ConfigTreeQuery()
+ config_path = ['vpn', 'ipsec', 'authentication', 'psk']
+ psk_config = conf.get_config_dict(config_path, key_mangling=('-', '_'),
+ get_first_key=True,
+ no_tag_node_value_mangle=True)
+
+ psk_list = []
+ for psk, psk_data in psk_config.items():
+ psk_data['psk'] = psk
+ psk_list.append(psk_data)
+
+ return psk_list
+
+
+def _get_formatted_psk(psk_list):
+ headers = ["PSK", "Id", "Secret"]
+ formatted_data = []
+
+ for psk_data in psk_list:
+ formatted_data.append([psk_data["psk"], "\n".join(psk_data["id"]), psk_data["secret"]])
+
+ return tabulate(formatted_data, headers=headers)
+
+
+def show_psk(raw: bool):
+ config = ConfigTreeQuery()
+ if not config.exists('vpn ipsec authentication psk'):
+ raise vyos.opmode.UnconfiguredSubsystem('VPN ipsec psk authentication is not configured')
+
+ psk = _get_raw_psk()
+ if raw:
+ return psk
+ return _get_formatted_psk(psk)
+
+# PSK block end
+
+
if __name__ == '__main__':
try:
res = vyos.opmode.run(sys.modules[__name__])