From 9db8c197ab170d18a93d70fca4227e802a7154c1 Mon Sep 17 00:00:00 2001
From: Jamie Austin <jamieaustinprogramming@gmail.com>
Date: Sat, 28 Jan 2023 01:13:25 +1100
Subject: T4958: ocserv: openconnect: refactor RADIUS accounting support

---
 data/templates/ocserv/ocserv_config.j2 |  2 +-
 data/templates/ocserv/radius_conf.j2   | 24 ++++++++++--------------
 2 files changed, 11 insertions(+), 15 deletions(-)

(limited to 'data/templates/ocserv')

diff --git a/data/templates/ocserv/ocserv_config.j2 b/data/templates/ocserv/ocserv_config.j2
index aa8897703..aa1073bca 100644
--- a/data/templates/ocserv/ocserv_config.j2
+++ b/data/templates/ocserv/ocserv_config.j2
@@ -10,7 +10,7 @@ udp-port = {{ listen_ports.udp }}
 run-as-user = nobody
 run-as-group = daemon
 
-{% if "radius" in accounting.mode %}
+{% if accounting.mode.radius is vyos_defined %}
 acct = "radius [config=/run/ocserv/radiusclient.conf]"
 {% endif %}
 
diff --git a/data/templates/ocserv/radius_conf.j2 b/data/templates/ocserv/radius_conf.j2
index 65548e3ad..1ab322f69 100644
--- a/data/templates/ocserv/radius_conf.j2
+++ b/data/templates/ocserv/radius_conf.j2
@@ -2,27 +2,23 @@
 nas-identifier VyOS
 
 #### Accounting
-{% if "radius" in accounting['mode'] %}
-{%     for acctsrv in accounting['radius']['server'] %}
-{%         if not "disable" in accounting['radius']['server'][acctsrv] %}
-{%             if "port" in accounting['radius']['server'][acctsrv] %}
-acctserver {{ acctsrv }}:{{ accounting['radius']['server'][acctsrv]['port'] }}
-{%             else %}
+{% if accounting.mode.radius is vyos_defined %}
+{%     for acctsrv, srv_conf in accounting.radius.server.items() if 'disable' not in srv_conf %}
+{%         if srv_conf.port is vyos_defined %}
+acctserver {{ acctsrv }}:{{ srv_conf.port }}
+{%         else %}
 acctserver {{ acctsrv }}
-{%             endif %}
 {%         endif %}
 {%     endfor %}
 {% endif %}
 
 #### Authentication
-{% if "radius" in authentication['mode'] %}
-{%     for authsrv in authentication['radius']['server'] %}
-{%         if not "disable" in authentication['radius']['server'][authsrv] %}
-{%             if "port" in authentication['radius']['server'][authsrv] %}
-authserver {{ authsrv }}:{{ authentication['radius']['server'][authsrv]['port'] }}
-{%             else %}
+{% if authentication.mode.radius is vyos_defined %}
+{%     for authsrv, srv_conf in authentication.radius.server.items() if 'disable' not in srv_conf %}
+{%         if srv_conf.port is vyos_defined %}
+authserver {{ authsrv }}:{{ srv_conf.port }}
+{%         else %}
 authserver {{ authsrv }}
-{%             endif %}
 {%         endif %}
 {%     endfor %}
 radius_timeout {{ authentication['radius']['timeout'] }}
-- 
cgit v1.2.3