summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorChristian Breunig <christian@breunig.cc>2023-03-16 21:17:14 +0100
committerGitHub <noreply@github.com>2023-03-16 21:17:14 +0100
commitda42b37983e75dc4587160036be9eb71df4e4989 (patch)
treeb15bb7e3e04ab71505e6bc4c0e05f934942a5b9e /src
parent689d6f077708bb011f00c703dbed75e5d0893418 (diff)
parente540d0ad4c58f073a15d7064bef55f04be670ca9 (diff)
downloadvyos-1x-da42b37983e75dc4587160036be9eb71df4e4989.tar.gz
vyos-1x-da42b37983e75dc4587160036be9eb71df4e4989.zip
Merge pull request #1895 from sever-sever/T5091
T5091: IPoE-server verify RADIUS settings
Diffstat (limited to 'src')
-rwxr-xr-xsrc/conf_mode/service_ipoe-server.py11
1 files changed, 11 insertions, 0 deletions
diff --git a/src/conf_mode/service_ipoe-server.py b/src/conf_mode/service_ipoe-server.py
index 9cdfa08ef..4fabe170f 100755
--- a/src/conf_mode/service_ipoe-server.py
+++ b/src/conf_mode/service_ipoe-server.py
@@ -60,6 +60,17 @@ def verify(ipoe):
'Use "ipoe client-ip-pool" instead.')
#verify_accel_ppp_base_service(ipoe, local_users=False)
+ # IPoE server does not have 'gateway' option in the CLI
+ # we cannot use configverify.py verify_accel_ppp_base_service for ipoe-server
+
+ if dict_search('authentication.mode', ipoe) == 'radius':
+ if not dict_search('authentication.radius.server', ipoe):
+ raise ConfigError('RADIUS authentication requires at least one server')
+
+ for server in dict_search('authentication.radius.server', ipoe):
+ radius_config = ipoe['authentication']['radius']['server'][server]
+ if 'key' not in radius_config:
+ raise ConfigError(f'Missing RADIUS secret key for server "{server}"')
if 'client_ipv6_pool' in ipoe:
if 'delegate' in ipoe['client_ipv6_pool'] and 'prefix' not in ipoe['client_ipv6_pool']: