Merge pull request #2147 from jestabro/remaining-defaults

T5434: remove reamining calls to incorrect defaults
author: Viacheslav Hletenko <v.gletenko@vyos.io> 2023-08-11 11:03:15 +0300
committer: GitHub <noreply@github.com> 2023-08-11 11:03:15 +0300
commit: 43294da10313198c4f71f46eb39c4276551ad118 (patch)
tree: b35c2ec7912133411f0b7e49c58af58bee7d9848 /src/op_mode
parent: 4659f25804bd1b534767c134247c24699aaca722 (diff)
parent: d64d3b179ce487aa6b442c397c4bb3bb1f572155 (diff)
download: vyos-1x-43294da10313198c4f71f46eb39c4276551ad118.tar.gz
vyos-1x-43294da10313198c4f71f46eb39c4276551ad118.zip
2 files changed, 20 insertions, 25 deletions
diff --git a/src/op_mode/pki.py b/src/op_mode/pki.py
index f638c51bc..aff4ad1ae 100755
--- a/src/op_mode/pki.py
+++ b/src/op_mode/pki.py
@@ -26,7 +26,6 @@ from cryptography.x509.oid import ExtendedKeyUsageOID
 
 from vyos.config import Config
 from vyos.configquery import ConfigTreeQuery
-from vyos.configdict import dict_merge
 from vyos.pki import encode_certificate, encode_public_key, encode_private_key, encode_dh_parameters
 from vyos.pki import get_certificate_fingerprint
 from vyos.pki import create_certificate, create_certificate_request, create_certificate_revocation_list
@@ -39,7 +38,6 @@ from vyos.utils.io import ask_input
 from vyos.utils.io import ask_yes_no
 from vyos.utils.misc import install_into_config
 from vyos.utils.process import cmd
-from vyos.xml import defaults
 
 CERT_REQ_END = '-----END CERTIFICATE REQUEST-----'
 auth_dir = '/config/auth'
@@ -50,10 +48,9 @@ def get_default_values():
     # Fetch default x509 values
     base = ['pki', 'x509', 'default']
     x509_defaults = conf.get_config_dict(base, key_mangling=('-', '_'),
+                                     no_tag_node_value_mangle=True,
                                      get_first_key=True,
-                                     no_tag_node_value_mangle=True)
-    default_values = defaults(base)
-    x509_defaults = dict_merge(default_values, x509_defaults)
+                                     with_recursive_defaults=True)
 
     return x509_defaults
 
diff --git a/src/op_mode/show_openconnect_otp.py b/src/op_mode/show_openconnect_otp.py
index 415a5f72c..3771fb385 100755
--- a/src/op_mode/show_openconnect_otp.py
+++ b/src/op_mode/show_openconnect_otp.py
@@ -17,12 +17,11 @@
 
 import argparse
 import os
+from base64 import b32encode
 
 from vyos.config import Config
-from vyos.xml import defaults
-from vyos.configdict import dict_merge
+from vyos.utils.dict import dict_search_args
 from vyos.utils.process import popen
-from base64 import b32encode
 
 otp_file = '/run/ocserv/users.oath'
 
@@ -33,7 +32,7 @@ def check_uname_otp(username):
     config = Config()
     base_key = ['vpn', 'openconnect', 'authentication', 'local-users', 'username', username, 'otp', 'key']
     if not config.exists(base_key):
-        return None
+        return False
     return True
 
 def get_otp_ocserv(username):
@@ -41,21 +40,21 @@ def get_otp_ocserv(username):
     base = ['vpn', 'openconnect']
     if not config.exists(base):
         return None
-    ocserv = config.get_config_dict(base, key_mangling=('-', '_'), get_first_key=True)
-    # We have gathered the dict representation of the CLI, but there are default
-    # options which we need to update into the dictionary retrived.
-    default_values = defaults(base)
-    ocserv = dict_merge(default_values, ocserv)
-    # workaround a "know limitation" - https://vyos.dev/T2665
-    del ocserv['authentication']['local_users']['username']['otp']
-    if not ocserv["authentication"]["local_users"]["username"]:
+
+    ocserv = config.get_config_dict(base, key_mangling=('-', '_'),
+                                    get_first_key=True,
+                                    with_recursive_defaults=True)
+
+    user_path = ['authentication', 'local_users', 'username']
+    users = dict_search_args(ocserv, *user_path)
+
+    if users is None:
         return None
-    default_ocserv_usr_values = default_values['authentication']['local_users']['username']['otp']
-    for user, params in ocserv['authentication']['local_users']['username'].items():
-        # Not every configuration requires OTP settings
-        if ocserv['authentication']['local_users']['username'][user].get('otp'):
-            ocserv['authentication']['local_users']['username'][user]['otp'] = dict_merge(default_ocserv_usr_values, ocserv['authentication']['local_users']['username'][user]['otp'])
-    result = ocserv['authentication']['local_users']['username'][username]
+
+    # function is called conditionally, if check_uname_otp true, so username
+    # exists
+    result = users[username]
+
     return result
 
 def display_otp_ocserv(username, params, info):
@@ -101,8 +100,7 @@ if __name__ == '__main__':
     parser.add_argument('--info', action="store", type=str, default='full', help='Wich information to display')
 
     args = parser.parse_args()
-    check_otp = check_uname_otp(args.user)
-    if check_otp:
+    if check_uname_otp(args.user):
         user_otp_params = get_otp_ocserv(args.user)
         display_otp_ocserv(args.user, user_otp_params, args.info)
     else:
author	Viacheslav Hletenko <v.gletenko@vyos.io>	2023-08-11 11:03:15 +0300
committer	GitHub <noreply@github.com>	2023-08-11 11:03:15 +0300
commit	43294da10313198c4f71f46eb39c4276551ad118 (patch)
tree	b35c2ec7912133411f0b7e49c58af58bee7d9848 /src/op_mode
parent	4659f25804bd1b534767c134247c24699aaca722 (diff)
parent	d64d3b179ce487aa6b442c397c4bb3bb1f572155 (diff)
download	vyos-1x-43294da10313198c4f71f46eb39c4276551ad118.tar.gz vyos-1x-43294da10313198c4f71f46eb39c4276551ad118.zip