diff options
author | Christian Breunig <christian@breunig.cc> | 2023-03-16 21:17:14 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-03-16 21:17:14 +0100 |
commit | da42b37983e75dc4587160036be9eb71df4e4989 (patch) | |
tree | b15bb7e3e04ab71505e6bc4c0e05f934942a5b9e /src | |
parent | 689d6f077708bb011f00c703dbed75e5d0893418 (diff) | |
parent | e540d0ad4c58f073a15d7064bef55f04be670ca9 (diff) | |
download | vyos-1x-da42b37983e75dc4587160036be9eb71df4e4989.tar.gz vyos-1x-da42b37983e75dc4587160036be9eb71df4e4989.zip |
Merge pull request #1895 from sever-sever/T5091
T5091: IPoE-server verify RADIUS settings
Diffstat (limited to 'src')
-rwxr-xr-x | src/conf_mode/service_ipoe-server.py | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/src/conf_mode/service_ipoe-server.py b/src/conf_mode/service_ipoe-server.py index 9cdfa08ef..4fabe170f 100755 --- a/src/conf_mode/service_ipoe-server.py +++ b/src/conf_mode/service_ipoe-server.py @@ -60,6 +60,17 @@ def verify(ipoe): 'Use "ipoe client-ip-pool" instead.') #verify_accel_ppp_base_service(ipoe, local_users=False) + # IPoE server does not have 'gateway' option in the CLI + # we cannot use configverify.py verify_accel_ppp_base_service for ipoe-server + + if dict_search('authentication.mode', ipoe) == 'radius': + if not dict_search('authentication.radius.server', ipoe): + raise ConfigError('RADIUS authentication requires at least one server') + + for server in dict_search('authentication.radius.server', ipoe): + radius_config = ipoe['authentication']['radius']['server'][server] + if 'key' not in radius_config: + raise ConfigError(f'Missing RADIUS secret key for server "{server}"') if 'client_ipv6_pool' in ipoe: if 'delegate' in ipoe['client_ipv6_pool'] and 'prefix' not in ipoe['client_ipv6_pool']: |