Diffstat (limited to 'src')
-rwxr-xr-x | src/helpers/vyos-domain-resolver.py | 10 | ||||
-rwxr-xr-x | src/op_mode/pki.py | 7 | ||||
-rwxr-xr-x | src/op_mode/show_openconnect_otp.py | 38 | ||||
-rw-r--r-- | src/tests/test_initial_setup.py | 6 |
4 files changed, 26 insertions, 35 deletions
diff --git a/src/helpers/vyos-domain-resolver.py b/src/helpers/vyos-domain-resolver.py
index 2036ca72e..7e2fe2462 100755
--- a/src/helpers/vyos-domain-resolver.py
+++ b/src/helpers/vyos-domain-resolver.py
@@ -26,7 +26,7 @@ from vyos.utils.commit import commit_in_progress
 from vyos.utils.dict import dict_search_args
 from vyos.utils.process import cmd
 from vyos.utils.process import run
-from vyos.xml import defaults
+from vyos.xml_ref import get_defaults
 base = ['firewall']
 timeout = 300
@@ -49,13 +49,7 @@ def get_config(conf):
 firewall = conf.get_config_dict(base, key_mangling=('-', '_'), get_first_key=True, no_tag_node_value_mangle=True)
- default_values = defaults(base)
- for tmp in ['name', 'ipv6_name']:
- if tmp in default_values:
- del default_values[tmp]
-
- if 'zone' in default_values:
- del default_values['zone']
+ default_values = get_defaults(base, get_first_key=True)
 firewall = dict_merge(default_values, firewall)
diff --git a/src/op_mode/pki.py b/src/op_mode/pki.py
index f638c51bc..aff4ad1ae 100755
--- a/src/op_mode/pki.py
+++ b/src/op_mode/pki.py
@@ -26,7 +26,6 @@ from cryptography.x509.oid import ExtendedKeyUsageOID
 from vyos.config import Config
 from vyos.configquery import ConfigTreeQuery
-from vyos.configdict import dict_merge
 from vyos.pki import encode_certificate, encode_public_key, encode_private_key, encode_dh_parameters
 from vyos.pki import get_certificate_fingerprint
 from vyos.pki import create_certificate, create_certificate_request, create_certificate_revocation_list
@@ -39,7 +38,6 @@ from vyos.utils.io import ask_input
 from vyos.utils.io import ask_yes_no
 from vyos.utils.misc import install_into_config
 from vyos.utils.process import cmd
-from vyos.xml import defaults
 CERT_REQ_END = '-----END CERTIFICATE REQUEST-----'
 auth_dir = '/config/auth'
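Review bot: In get_config() of vyos-domain-resolver.py the explicit removal of the `name`, `ipv6_name` and `zone` entries from the defaults is dropped, and nothing in the new code records why it is no longer needed. The single call `get_defaults(base, get_first_key=True)` presumably does not return defaults for those tag nodes, but that cannot be confirmed from this hunk; if it did, `dict_merge` would merge them into a firewall config that never defined such entries. Once verified, a comment above the call such as `# get_defaults() yields only this node's own defaults, not tag-node children (name, ipv6_name, zone)` would keep the assumption visible. The function body continues outside the hunk.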
@@ -50,10 +48,9 @@ def get_default_values():
 # Fetch default x509 values
 base = ['pki', 'x509', 'default']
 x509_defaults = conf.get_config_dict(base, key_mangling=('-', '_'),
+ no_tag_node_value_mangle=True,
 get_first_key=True,
- no_tag_node_value_mangle=True)
- default_values = defaults(base)
- x509_defaults = dict_merge(default_values, x509_defaults)
+ with_recursive_defaults=True)
 return x509_defaults
diff --git a/src/op_mode/show_openconnect_otp.py b/src/op_mode/show_openconnect_otp.py
index 415a5f72c..3771fb385 100755
--- a/src/op_mode/show_openconnect_otp.py
+++ b/src/op_mode/show_openconnect_otp.py
@@ -17,12 +17,11 @@
 import argparse
 import os
+from base64 import b32encode
 from vyos.config import Config
-from vyos.xml import defaults
-from vyos.configdict import dict_merge
+from vyos.utils.dict import dict_search_args
 from vyos.utils.process import popen
-from base64 import b32encode
 otp_file = '/run/ocserv/users.oath'
@@ -33,7 +32,7 @@ def check_uname_otp(username):
 config = Config()
 base_key = ['vpn', 'openconnect', 'authentication', 'local-users', 'username', username, 'otp', 'key']
 if not config.exists(base_key):
- return None
+ return False
 return True
 def get_otp_ocserv(username):
@@ -41,21 +40,21 @@ def get_otp_ocserv(username):
 base = ['vpn', 'openconnect']
 if not config.exists(base):
 return None
- ocserv = config.get_config_dict(base, key_mangling=('-', '_'), get_first_key=True)
- # We have gathered the dict representation of the CLI, but there are default
- # options which we need to update into the dictionary retrived.
- default_values = defaults(base)
- ocserv = dict_merge(default_values, ocserv)
- # workaround a "know limitation" - https://vyos.dev/T2665
- del ocserv['authentication']['local_users']['username']['otp']
- if not ocserv["authentication"]["local_users"]["username"]:
+
+ ocserv = config.get_config_dict(base, key_mangling=('-', '_'),
+ get_first_key=True,
+ with_recursive_defaults=True)
+
+ user_path = ['authentication', 'local_users', 'username']
+ users = dict_search_args(ocserv, *user_path)
+
+ if users is None:
 return None
- default_ocserv_usr_values = default_values['authentication']['local_users']['username']['otp']
- for user, params in ocserv['authentication']['local_users']['username'].items():
- # Not every configuration requires OTP settings
- if ocserv['authentication']['local_users']['username'][user].get('otp'):
- ocserv['authentication']['local_users']['username'][user]['otp'] = dict_merge(default_ocserv_usr_values, ocserv['authentication']['local_users']['username'][user]['otp'])
- result = ocserv['authentication']['local_users']['username'][username]
+
+ # function is called conditionally, if check_uname_otp true, so username
+ # exists
+ result = users[username]
+
 return result
 def display_otp_ocserv(username, params, info):
@@ -101,8 +100,7 @@ if __name__ == '__main__':
 parser.add_argument('--info', action="store", type=str, default='full', help='Wich information to display')
 args = parser.parse_args()
- check_otp = check_uname_otp(args.user)
- if check_otp:
+ if check_uname_otp(args.user):
 user_otp_params = get_otp_ocserv(args.user)
 display_otp_ocserv(args.user, user_otp_params, args.info)
 else:
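Review bot: The lookup `result = users[username]` in get_otp_ocserv() can raise KeyError for a user whose name contains a hyphen, because the `get_config_dict()` call above it passes `key_mangling=('-', '_')` without `no_tag_node_value_mangle=True`. check_uname_otp() tests the unmangled CLI path, so it can succeed for a constructed name like `a-b` while the dict key would be `a_b`, assuming mangling also rewrites tag-node values as the option name suggests. The get_config_dict() calls visible in vyos-domain-resolver.py and pki.py in this same commit both pass the flag; adding `no_tag_node_value_mangle=True,` here would make the lookup agree with the precondition the new comment relies on.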
diff --git a/src/tests/test_initial_setup.py b/src/tests/test_initial_setup.py
index cb843ff09..ba50d06cc 100644
--- a/src/tests/test_initial_setup.py
+++ b/src/tests/test_initial_setup.py
@@ -21,14 +21,16 @@ import vyos.configtree
 import vyos.initialsetup as vis
 from unittest import TestCase
-from vyos import xml
+from vyos.xml_ref import definition
+from vyos.xml_ref.pkg_cache.vyos_1x_cache import reference
 class TestInitialSetup(TestCase):
 def setUp(self):
 with open('tests/data/config.boot.default', 'r') as f:
 config_string = f.read()
 self.config = vyos.configtree.ConfigTree(config_string)
- self.xml = xml.load_configuration()
+ self.xml = definition.Xml()
+ self.xml.define(reference)
 def test_set_user_password(self):
 vis.set_user_password(self.config, 'vyos', 'vyosvyos') |