diff options
author | Christian Breunig <christian@breunig.cc> | 2023-09-06 20:25:33 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-09-06 20:25:33 +0200 |
commit | 1cad06b6db6377b7bb018990f57329b832270a6c (patch) | |
tree | f03428bedec949f474bb2a0e4b74191804f8d4d2 /src | |
parent | e0825b52df4a2a4ce6d137bb8adc553f6e71fc0b (diff) | |
parent | 97326920e2907bdb545853887dc54c6a02b76f28 (diff) | |
download | vyos-1x-1cad06b6db6377b7bb018990f57329b832270a6c.tar.gz vyos-1x-1cad06b6db6377b7bb018990f57329b832270a6c.zip |
Merge pull request #2206 from sever-sever/T5423
T5423: Fix for op-mode show vpn ike secrets
Diffstat (limited to 'src')
-rwxr-xr-x | src/op_mode/ipsec.py | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/src/op_mode/ipsec.py b/src/op_mode/ipsec.py index 57d3cfed9..44d41219e 100755 --- a/src/op_mode/ipsec.py +++ b/src/op_mode/ipsec.py @@ -779,6 +779,45 @@ def show_ra_summary(raw: bool): return _get_formatted_output_ra_summary(list_sa) +# PSK block +def _get_raw_psk(): + conf: ConfigTreeQuery = ConfigTreeQuery() + config_path = ['vpn', 'ipsec', 'authentication', 'psk'] + psk_config = conf.get_config_dict(config_path, key_mangling=('-', '_'), + get_first_key=True, + no_tag_node_value_mangle=True) + + psk_list = [] + for psk, psk_data in psk_config.items(): + psk_data['psk'] = psk + psk_list.append(psk_data) + + return psk_list + + +def _get_formatted_psk(psk_list): + headers = ["PSK", "Id", "Secret"] + formatted_data = [] + + for psk_data in psk_list: + formatted_data.append([psk_data["psk"], "\n".join(psk_data["id"]), psk_data["secret"]]) + + return tabulate(formatted_data, headers=headers) + + +def show_psk(raw: bool): + config = ConfigTreeQuery() + if not config.exists('vpn ipsec authentication psk'): + raise vyos.opmode.UnconfiguredSubsystem('VPN ipsec psk authentication is not configured') + + psk = _get_raw_psk() + if raw: + return psk + return _get_formatted_psk(psk) + +# PSK block end + + if __name__ == '__main__': try: res = vyos.opmode.run(sys.modules[__name__]) |