# Copyright VyOS maintainers and contributors <maintainers@vyos.io>
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2.1 of the License, or (at your option) any later version.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License
# along with this library.  If not, see <http://www.gnu.org/licenses/>.

# Rename connection-type 'respond' to 'trap' (T7594):
#   vpn ipsec site-to-site peer <name> connection-type respond -> trap

from vyos.configtree import ConfigTree

base = ['vpn', 'ipsec', 'site-to-site']

def migrate(config: ConfigTree) -> None:
    # If IPsec config does not exist, nothing to do
    if not config.exists(base):
        return

    # Iterate through defined peers
    for peer in config.list_nodes(base + ['peer']):
        path = base + ['peer', peer, 'connection-type']
        if config.value_exists(path, 'respond'):
            # Replace old behavior with explicit passive type
            config.set(path, 'trap', replace=True)
