diff options
author | Christian Poessinger <christian@poessinger.com> | 2020-12-29 11:34:40 +0100 |
---|---|---|
committer | Christian Poessinger <christian@poessinger.com> | 2020-12-29 11:51:28 +0100 |
commit | d59354e52a8a7fbdd6bb0a020f50600d64c799a9 (patch) | |
tree | 5bc44f1b8ca1dbb38a138ac8fc62645bc308e831 /src | |
parent | 5e5e87467dd6b22d1378269f4a62825b7d122a5c (diff) | |
download | vyos-1x-d59354e52a8a7fbdd6bb0a020f50600d64c799a9.tar.gz vyos-1x-d59354e52a8a7fbdd6bb0a020f50600d64c799a9.zip |
ethernet: T1466: add EAPoL support
Diffstat (limited to 'src')
-rwxr-xr-x | src/conf_mode/interfaces-ethernet.py | 24 |
1 files changed, 23 insertions, 1 deletions
diff --git a/src/conf_mode/interfaces-ethernet.py b/src/conf_mode/interfaces-ethernet.py index b358e9725..d8b637dd7 100755 --- a/src/conf_mode/interfaces-ethernet.py +++ b/src/conf_mode/interfaces-ethernet.py @@ -28,12 +28,18 @@ from vyos.configverify import verify_mtu from vyos.configverify import verify_mtu_ipv6 from vyos.configverify import verify_vlan_config from vyos.configverify import verify_vrf +from vyos.configverify import verify_eapol from vyos.ifconfig import EthernetIf +from vyos.template import render +from vyos.util import call from vyos.util import dict_search from vyos import ConfigError from vyos import airbag airbag.enable() +# XXX: wpa_supplicant works on the source interface +wpa_suppl_conf = '/run/wpa_supplicant/{ifname}.conf' + def get_config(config=None): """ Retrive CLI config as dictionary. Dictionary can never be empty, as at least the @@ -67,6 +73,7 @@ def verify(ethernet): verify_dhcpv6(ethernet) verify_address(ethernet) verify_vrf(ethernet) + verify_eapol(ethernet) # XDP requires multiple TX queues if 'xdp' in ethernet: @@ -83,16 +90,31 @@ def verify(ethernet): return None def generate(ethernet): + if 'eapol' in ethernet: + render(wpa_suppl_conf.format(**ethernet), + 'ethernet/wpa_supplicant.conf.tmpl', ethernet) + else: + # delete configuration on interface removal + if os.path.isfile(wpa_suppl_conf.format(**ethernet)): + os.unlink(wpa_suppl_conf.format(**ethernet)) + return None def apply(ethernet): - e = EthernetIf(ethernet['ifname']) + ifname = ethernet['ifname'] + # take care about EAPoL supplicant daemon + eapol_action='stop' + + e = EthernetIf(ifname) if 'deleted' in ethernet: # delete interface e.remove() else: e.update(ethernet) + if 'eapol' in ethernet: + eapol_action='restart' + call(f'systemctl {eapol_action} wpa_supplicant-macsec@{ifname}') if __name__ == '__main__': try: |