diff options
author | Arne Schwabe <arne@rfc2549.org> | 2012-11-26 15:33:09 +0100 |
---|---|---|
committer | David Sommerseth <davids@redhat.com> | 2012-11-29 21:47:57 +0100 |
commit | 9447858c38c5cf51265c7eab3445d7d5fb4f7bba (patch) | |
tree | bd248c04994865435eded971f85b803784e137fd | |
parent | 9e6b85797214187f7fb2c4255f2678f2ba74168a (diff) | |
download | openvpn-9447858c38c5cf51265c7eab3445d7d5fb4f7bba.tar.gz openvpn-9447858c38c5cf51265c7eab3445d7d5fb4f7bba.tar.xz openvpn-9447858c38c5cf51265c7eab3445d7d5fb4f7bba.zip |
Properly require --key even if defined(MANAGMENT_EXTERNAL_KEY)
When specifying --tls-client --cert ... without a --key (or --pkcs11)
option, OpenVPN should complain:
"You must define private key file (--key)...". Ensure that this
works even when compiling with MANAGMENT_EXTERNAL_KEY.
Also fix the other instance where this logic is broken
Orginal-Patch-by: Found by Joachim Schipper <joachim.schipper@fox-it.com>
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: 1353940389-31075-1-git-send-email-arne@rfc2549.org
URL: http://article.gmane.org/gmane.network.openvpn.devel/7143
Signed-off-by: David Sommerseth <davids@redhat.com>
(cherry picked from commit feca0900dd00577779ab02f2e52b41eb3dab935f)
-rw-r--r-- | src/openvpn/options.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/openvpn/options.c b/src/openvpn/options.c index 5cec344..33dbf51 100644 --- a/src/openvpn/options.c +++ b/src/openvpn/options.c @@ -2274,7 +2274,7 @@ options_postprocess_verify_ce (const struct options *options, const struct conne { notnull (options->cert_file, "certificate file (--cert) or PKCS#12 file (--pkcs12)"); #ifdef MANAGMENT_EXTERNAL_KEY - if (!options->management_flags & MF_EXTERNAL_KEY) + if (!(options->management_flags & MF_EXTERNAL_KEY)) #endif notnull (options->priv_key_file, "private key file (--key) or PKCS#12 file (--pkcs12)"); } @@ -2666,7 +2666,7 @@ options_postprocess_filechecks (struct options *options) errs |= check_file_access (CHKACC_FILE|CHKACC_INLINE, options->extra_certs_file, R_OK, "--extra-certs"); #ifdef MANAGMENT_EXTERNAL_KEY - if(!options->management_flags & MF_EXTERNAL_KEY) + if(!(options->management_flags & MF_EXTERNAL_KEY)) #endif errs |= check_file_access (CHKACC_FILE|CHKACC_INLINE, options->priv_key_file, R_OK, "--key"); |