author | Christian Breunig <christian@breunig.cc> | 2024-02-12 21:17:43 +0100 |
---|---|---|
committer | Mergify <37929162+mergify[bot]@users.noreply.github.com> | 2024-02-13 20:40:02 +0000 |
commit | 7c6beb9217932cf929e1e1be33abef46f0ca2053 (patch) | |
tree | 2439233ef2b03d3aaabe21d481d01382efb32de6 /src | |
parent | b68206ba65a8341df86bc220696cc313764e9ba5 (diff) | |
rpki: T6024: add migration scripts from file based keys to PKI subsystem
(cherry picked from commit 4d76e9ef3e7773ed96c037108021c292675b101c)
Diffstat (limited to 'src')
-rwxr-xr-x | src/migration-scripts/rpki/1-to-2 | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/src/migration-scripts/rpki/1-to-2 b/src/migration-scripts/rpki/1-to-2 index 559440bba..50d4a3dfc 100755 --- a/src/migration-scripts/rpki/1-to-2 +++ b/src/migration-scripts/rpki/1-to-2 @@ -19,7 +19,11 @@ from sys import exit from sys import argv + from vyos.configtree import ConfigTree +from vyos.pki import OPENSSH_KEY_BEGIN +from vyos.pki import OPENSSH_KEY_END +from vyos.utils.file import read_file if len(argv) < 2: print("Must specify file name!") @@ -43,6 +47,24 @@ if config.exists(base + ['cache']): if config.exists(ssh_node + ['known-hosts-file']): config.delete(ssh_node + ['known-hosts-file']) + if config.exists(base + ['cache', cache, 'ssh']): + private_key_node = base + ['cache', cache, 'ssh', 'private-key-file'] + private_key_file = config.return_value(private_key_node) + private_key = read_file(private_key_file).replace(OPENSSH_KEY_BEGIN, '').replace(OPENSSH_KEY_END, '').replace('\n','') + + public_key_node = base + ['cache', cache, 'ssh', 'public-key-file'] + public_key_file = config.return_value(public_key_node) + public_key = read_file(public_key_file).split() + + config.set(['pki', 'openssh', f'rpki-{cache}', 'private', 'key'], value=private_key) + config.set(['pki', 'openssh', f'rpki-{cache}', 'public', 'key'], value=public_key[1]) + config.set(['pki', 'openssh', f'rpki-{cache}', 'public', 'type'], value=public_key[0]) + config.set_tag(['pki', 'openssh']) + config.set(ssh_node + ['key'], value=f'rpki-{cache}') + + config.delete(private_key_node) + config.delete(public_key_node) + try: with open(file_name, 'w') as f: f.write(config.to_string()) |
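Review bot: The block added under `if config.exists(base + ['cache', cache, 'ssh']):` in the second hunk assumes that both `private-key-file` and `public-key-file` are set and readable. If either leaf is absent, `config.return_value()` presumably returns no path and `read_file()` fails, and an empty or single-field public key file makes `public_key[1]` raise IndexError, so the migration would abort part-way. Guard the conversion on both leaves, e.g. `if config.exists(private_key_node) and config.exists(public_key_node):`, and check `len(public_key) >= 2` before writing the PKI nodes. The private key is also copied as plain text into the config tree (`pki openssh rpki-<cache> private key`) while the hunk only deletes the config nodes, not the key file itself; a comment should say that saved configs and backups now carry the key and that the old file on disk needs to be removed or its permissions reviewed. The loop that binds `cache` starts outside the hunk.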