diff options
author | Arne Schwabe <arne@rfc2549.org> | 2013-05-30 15:27:08 +0200 |
---|---|---|
committer | Gert Doering <gert@greenie.muc.de> | 2013-05-30 21:12:17 +0200 |
commit | 8476edbb1748e11de0e4fda8989c9e470285926b (patch) | |
tree | f20c97b8658ff45305e1f03f8161e50e1d95b020 /src/openvpn/init.c | |
parent | 8c431f960357d776cfd0961192214ad1b0942bfb (diff) | |
download | openvpn-8476edbb1748e11de0e4fda8989c9e470285926b.tar.gz openvpn-8476edbb1748e11de0e4fda8989c9e470285926b.tar.xz openvpn-8476edbb1748e11de0e4fda8989c9e470285926b.zip |
Only print script warnings when a script is used. Remove stray mention of script-security system.
Acked-by: Jan Just Keijser <janjust@nikhef.nl>
Message-Id: <1369920428-11350-1-git-send-email-arne@rfc2549.org>
URL: http://article.gmane.org/gmane.network.openvpn.devel/7625
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Diffstat (limited to 'src/openvpn/init.c')
-rw-r--r-- | src/openvpn/init.c | 19 |
1 files changed, 13 insertions, 6 deletions
diff --git a/src/openvpn/init.c b/src/openvpn/init.c index 2a0ba85..1dc7ee7 100644 --- a/src/openvpn/init.c +++ b/src/openvpn/init.c @@ -2542,12 +2542,19 @@ do_option_warnings (struct context *c) msg (M_WARN, "NOTE: --connect-timeout option is not supported on this OS"); #endif - if (script_security >= SSEC_SCRIPTS) - msg (M_WARN, "NOTE: the current --script-security setting may allow this configuration to call user-defined scripts"); - else if (script_security >= SSEC_PW_ENV) - msg (M_WARN, "WARNING: the current --script-security setting may allow passwords to be passed to scripts via environmental variables"); - else - msg (M_WARN, "NOTE: " PACKAGE_NAME " 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables"); + /* Check if a script is used and print approiate warnings */ + if (o->up_script || o->ipchange || o->down_script || o->route_script + || o->route_predown_script || o->auth_user_pass_verify_script + || o->client_disconnect_script || o->client_connect_script + || o->learn_address_script || o->tls_verify) + { + if (script_security >= SSEC_SCRIPTS) + msg (M_WARN, "NOTE: the current --script-security setting may allow this configuration to call user-defined scripts"); + else if (script_security >= SSEC_PW_ENV) + msg (M_WARN, "WARNING: the current --script-security setting may allow passwords to be passed to scripts via environmental variables"); + else + msg (M_WARN, "NOTE: " PACKAGE_NAME " 2.1+ requires '--script-security 2' or higher to call user-defined scripts or executables"); + } } static void |