HomeVyOS Platform

configdict: T5894: preserve old behavior when dealing with PKI

Description

configdict: T5894: preserve old behavior when dealing with PKI

Commit b152b5202 ("configdict: T5894: add get_config_dict() flag with_pki")
added the generic PKI flag but if there was no PKI subsystem available
in the configuration, no pki dict key ever manifested in the resulting
dictionary requested by the caller.

This is different to the old behavior (which each caller implementing the call
itself) where there always was a pki key present - even if it was empty.

This triggered a bug in the IPSec script

Traceback (most recent call last):

File "/usr/libexec/vyos/conf_mode/vpn_ipsec.py", line 600, in <module>
  verify(ipsec)
File "/usr/libexec/vyos/conf_mode/vpn_ipsec.py", line 372, in verify
  verify_pki_rsa(ipsec['pki'], rsa)
                 ~~~~~^^^^^^^

KeyError: 'pki'

As it wanted to verify keys, but there was no pki dictionary key available.
This commit restores the previous behavior.

Details

Provenance
c-poAuthored on Feb 2 2024, 7:37 PM
Parents
rVYOSONEX84b17f0e666b: Merge pull request #2748 from MattKobayashi/t5848
Branches
Loading...
Tags
Loading...