From 09e0a2ca035ee39a68a510b28cc74560669d0420 Mon Sep 17 00:00:00 2001
From: aapostoliuk <a.apostoliuk@vyos.io>
Date: Tue, 19 Dec 2023 10:55:04 +0200
Subject: T5801: Rewritten L2TP to get_config_dict

Rewritten L2TP to get_config_dict
Rewritten L2TP xml to accel-ppp patterns
Migrated 'idle' to 'ppp-options.lcp-echo-timeout'
Migrated 'authentication.mppe' to 'ppp-options.mppe'
Migrated 'authentication.radius.dae-server' to
'authentication.radius.dynamic-author'
Migrated 'authentication.require' to 'authentication.protocol'
Added 'authentication.radius.acct-interim-jitter'
Added 'authentication.radius.preallocate-vif'
Added 'authentication.radius.server.<IP>.acct-port'
Added 'ppp-options.ipv4'
Added smoke-tests
Fixed 'preallocate-vif' in SSTP
---
 .../include/accel-ppp/auth-protocols.xml.i         |   2 +-
 .../include/accel-ppp/mtu-128-16384.xml.i          |   2 +-
 .../include/version/l2tp-version.xml.i             |   2 +-
 interface-definitions/vpn-l2tp.xml.in              | 110 ++-------------------
 4 files changed, 12 insertions(+), 104 deletions(-)

(limited to 'interface-definitions')

diff --git a/interface-definitions/include/accel-ppp/auth-protocols.xml.i b/interface-definitions/include/accel-ppp/auth-protocols.xml.i
index d43266152..4ab4753bb 100644
--- a/interface-definitions/include/accel-ppp/auth-protocols.xml.i
+++ b/interface-definitions/include/accel-ppp/auth-protocols.xml.i
@@ -1,7 +1,7 @@
 <!-- include start from accel-ppp/auth-protocols.xml.i -->
 <leafNode name="protocols">
   <properties>
-    <help>Authentication protocol for remote access peer SSTP VPN</help>
+    <help>Authentication protocol for remote access peer</help>
     <completionHelp>
       <list>pap chap mschap mschap-v2</list>
     </completionHelp>
diff --git a/interface-definitions/include/accel-ppp/mtu-128-16384.xml.i b/interface-definitions/include/accel-ppp/mtu-128-16384.xml.i
index b4008a63b..5661bdc05 100644
--- a/interface-definitions/include/accel-ppp/mtu-128-16384.xml.i
+++ b/interface-definitions/include/accel-ppp/mtu-128-16384.xml.i
@@ -1,7 +1,7 @@
 <!-- include start from accel-ppp/mtu-128-16384.xml.i -->
 <leafNode name="mtu">
   <properties>
-    <help>Maximum Transmission Unit (MTU) - default 1492</help>
+    <help>Maximum Transmission Unit (MTU)</help>
     <constraint>
       <validator name="numeric" argument="--range 128-16384"/>
     </constraint>
diff --git a/interface-definitions/include/version/l2tp-version.xml.i b/interface-definitions/include/version/l2tp-version.xml.i
index 89edb160c..f4507d93b 100644
--- a/interface-definitions/include/version/l2tp-version.xml.i
+++ b/interface-definitions/include/version/l2tp-version.xml.i
@@ -1,3 +1,3 @@
 <!-- include start from include/version/l2tp-version.xml.i -->
-<syntaxVersion component='l2tp' version='5'></syntaxVersion>
+<syntaxVersion component='l2tp' version='6'></syntaxVersion>
 <!-- include end -->
diff --git a/interface-definitions/vpn-l2tp.xml.in b/interface-definitions/vpn-l2tp.xml.in
index 7980cfdf5..3e2d00e6b 100644
--- a/interface-definitions/vpn-l2tp.xml.in
+++ b/interface-definitions/vpn-l2tp.xml.in
@@ -15,6 +15,9 @@
             <children>
               #include <include/accel-ppp/max-concurrent-sessions.xml.i>
               #include <include/accel-ppp/mtu-128-16384.xml.i>
+              <leafNode name="mtu">
+                <defaultValue>1436</defaultValue>
+              </leafNode>
               <leafNode name="outside-address">
                 <properties>
                   <help>External IP address to which VPN clients will connect</help>
@@ -120,116 +123,18 @@
               #include <include/accel-ppp/client-ipv6-pool.xml.i>
               #include <include/generic-description.xml.i>
               #include <include/dhcp-interface.xml.i>
-              <leafNode name="idle">
-                <properties>
-                  <help>PPP idle timeout</help>
-                  <valueHelp>
-                    <format>u32:30-86400</format>
-                    <description>PPP idle timeout in seconds</description>
-                  </valueHelp>
-                    <constraint>
-                      <validator name="numeric" argument="--range 30-86400"/>
-                    </constraint>
-                </properties>
-              </leafNode>
               <node name="authentication">
                 <properties>
                   <help>Authentication for remote access L2TP VPN</help>
                 </properties>
                 <children>
-                  <leafNode name="require">
-                    <properties>
-                      <help>Authentication protocol for remote access peer L2TP VPN</help>
-                      <valueHelp>
-                        <format>pap</format>
-                        <description>Require the peer to authenticate itself using PAP [Password Authentication Protocol].</description>
-                      </valueHelp>
-                      <valueHelp>
-                        <format>chap</format>
-                        <description>Require the peer to authenticate itself using CHAP [Challenge Handshake Authentication Protocol].</description>
-                      </valueHelp>
-                      <valueHelp>
-                        <format>mschap</format>
-                        <description>Require the peer to authenticate itself using CHAP [Challenge Handshake Authentication Protocol].</description>
-                      </valueHelp>
-                      <valueHelp>
-                        <format>mschap-v2</format>
-                        <description>Require the peer to authenticate itself using MS-CHAPv2 [Microsoft Challenge Handshake Authentication Protocol, Version 2].</description>
-                      </valueHelp>
-                      <constraint>
-                        <regex>(pap|chap|mschap|mschap-v2)</regex>
-                      </constraint>
-                      <completionHelp>
-                        <list>pap chap mschap mschap-v2</list>
-                      </completionHelp>
-                      <multi />
-                    </properties>
-                  </leafNode>
-                  #include <include/accel-ppp/ppp-mppe.xml.i>
+                  #include <include/accel-ppp/auth-protocols.xml.i>
                   #include <include/accel-ppp/auth-mode.xml.i>
                   #include <include/accel-ppp/auth-local-users.xml.i>
                   #include <include/radius-auth-server-ipv4.xml.i>
+                  #include <include/accel-ppp/radius-additions.xml.i>
                   <node name="radius">
                     <children>
-                      #include <include/accel-ppp/radius-accounting-interim-interval.xml.i>
-                      <tagNode name="server">
-                        <children>
-                          #include <include/accel-ppp/radius-additions-disable-accounting.xml.i>
-                          <leafNode name="fail-time">
-                            <properties>
-                              <help>Mark server unavailable for N seconds on failure</help>
-                              <valueHelp>
-                                <format>u32:0-600</format>
-                                <description>Fail time penalty</description>
-                              </valueHelp>
-                              <constraint>
-                                <validator name="numeric" argument="--range 0-600"/>
-                              </constraint>
-                              <constraintErrorMessage>Fail time must be between 0 and 600 seconds</constraintErrorMessage>
-                            </properties>
-                          </leafNode>
-                        </children>
-                      </tagNode>
-                      <leafNode name="timeout">
-                        <properties>
-                          <help>Timeout to wait response from server (seconds)</help>
-                        </properties>
-                      </leafNode>
-                      <leafNode name="acct-timeout">
-                        <properties>
-                          <help>Timeout to wait reply for Interim-Update packets</help>
-                        </properties>
-                      </leafNode>
-                      <leafNode name="max-try">
-                        <properties>
-                          <help>Maximum number of tries to send Access-Request/Accounting-Request queries</help>
-                        </properties>
-                      </leafNode>
-                      #include <include/radius-nas-identifier.xml.i>
-                      #include <include/radius-nas-ip-address.xml.i>
-                      <node name="dae-server">
-                        <properties>
-                          <help>IPv4 address and port to bind Dynamic Authorization Extension server (DM/CoA)</help>
-                        </properties>
-                        <children>
-                          <leafNode name="ip-address">
-                            <properties>
-                              <help>IP address for Dynamic Authorization Extension server (DM/CoA)</help>
-                            </properties>
-                          </leafNode>
-                          <leafNode name="port">
-                            <properties>
-                              <help>Port for Dynamic Authorization Extension server (DM/CoA)</help>
-                            </properties>
-                            <defaultValue>1700</defaultValue>
-                          </leafNode>
-                          <leafNode name="secret">
-                            <properties>
-                              <help>Secret for Dynamic Authorization Extension server (DM/CoA)</help>
-                            </properties>
-                          </leafNode>
-                        </children>
-                      </node>
                       #include <include/accel-ppp/radius-additions-rate-limit.xml.i>
                     </children>
                   </node>
@@ -240,9 +145,12 @@
                   <help>Advanced protocol options</help>
                 </properties>
                 <children>
-                  #include <include/accel-ppp/lcp-echo-interval-failure.xml.i>
+                  #include <include/accel-ppp/ppp-mppe.xml.i>
+                  #include <include/accel-ppp/ppp-options-ipv4.xml.i>
                   #include <include/accel-ppp/ppp-options-ipv6.xml.i>
                   #include <include/accel-ppp/ppp-options-ipv6-interface-id.xml.i>
+                  #include <include/accel-ppp/lcp-echo-interval-failure.xml.i>
+                  #include <include/accel-ppp/lcp-echo-timeout.xml.i>
                 </children>
               </node>
               #include <include/accel-ppp/default-pool.xml.i>
-- 
cgit v1.2.3