summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorChristian Breunig <christian@breunig.cc>2024-02-03 21:43:20 +0100
committerChristian Breunig <christian@breunig.cc>2024-02-03 21:45:14 +0100
commit586863bf3a9cb1dd1c0d74b628d00096b905740f (patch)
tree03a354859982c139974442edf13e16f0e4dde200 /src
parent84b17f0e666b7fb48e2e9cde12ce2e84b59dd5b2 (diff)
downloadvyos-1x-586863bf3a9cb1dd1c0d74b628d00096b905740f.tar.gz
vyos-1x-586863bf3a9cb1dd1c0d74b628d00096b905740f.zip
rpki: T6011: known-hosts-file is no longer supported by FRR
Diffstat (limited to 'src')
-rwxr-xr-xsrc/conf_mode/protocols_rpki.py6
-rwxr-xr-xsrc/migration-scripts/rpki/1-to-251
2 files changed, 54 insertions, 3 deletions
diff --git a/src/conf_mode/protocols_rpki.py b/src/conf_mode/protocols_rpki.py
index 05e876f3b..0fc14e868 100755
--- a/src/conf_mode/protocols_rpki.py
+++ b/src/conf_mode/protocols_rpki.py
@@ -63,11 +63,11 @@ def verify(rpki):
preferences.append(preference)
if 'ssh' in peer_config:
- files = ['private_key_file', 'public_key_file', 'known_hosts_file']
+ files = ['private_key_file', 'public_key_file']
for file in files:
if file not in peer_config['ssh']:
- raise ConfigError('RPKI+SSH requires username, public/private ' \
- 'keys and known-hosts file to be defined!')
+ raise ConfigError('RPKI+SSH requires username and public/private ' \
+ 'key file to be defined!')
filename = peer_config['ssh'][file]
if not os.path.exists(filename):
diff --git a/src/migration-scripts/rpki/1-to-2 b/src/migration-scripts/rpki/1-to-2
new file mode 100755
index 000000000..559440bba
--- /dev/null
+++ b/src/migration-scripts/rpki/1-to-2
@@ -0,0 +1,51 @@
+#!/usr/bin/env python3
+#
+# Copyright (C) 2024 VyOS maintainers and contributors
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 or later as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+# T6011: rpki: known-hosts-file is no longer supported bxy FRR CLI,
+# remove VyOS CLI node
+
+from sys import exit
+from sys import argv
+from vyos.configtree import ConfigTree
+
+if len(argv) < 2:
+ print("Must specify file name!")
+ exit(1)
+
+file_name = argv[1]
+
+with open(file_name, 'r') as f:
+ config_file = f.read()
+
+base = ['protocols', 'rpki']
+config = ConfigTree(config_file)
+
+# Nothing to do
+if not config.exists(base):
+ exit(0)
+
+if config.exists(base + ['cache']):
+ for cache in config.list_nodes(base + ['cache']):
+ ssh_node = base + ['cache', cache, 'ssh']
+ if config.exists(ssh_node + ['known-hosts-file']):
+ config.delete(ssh_node + ['known-hosts-file'])
+
+try:
+ with open(file_name, 'w') as f:
+ f.write(config.to_string())
+except OSError as e:
+ print("Failed to save the modified config: {}".format(e))
+ exit(1)