diff options
author | Arne Schwabe <arne@rfc2549.org> | 2012-11-26 15:33:09 +0100 |
---|---|---|
committer | David Sommerseth <davids@redhat.com> | 2012-11-29 21:43:52 +0100 |
commit | feca0900dd00577779ab02f2e52b41eb3dab935f (patch) | |
tree | 03dbe8fc833b8eb9b64a203ac74eaf8bc296cd77 /src/openvpn/options.c | |
parent | 038f0aca3077807f3fc60077e2aacffef5ba2f45 (diff) | |
download | openvpn-feca0900dd00577779ab02f2e52b41eb3dab935f.tar.gz openvpn-feca0900dd00577779ab02f2e52b41eb3dab935f.tar.xz openvpn-feca0900dd00577779ab02f2e52b41eb3dab935f.zip |
Properly require --key even if defined(MANAGMENT_EXTERNAL_KEY)
When specifying --tls-client --cert ... without a --key (or --pkcs11)
option, OpenVPN should complain:
"You must define private key file (--key)...". Ensure that this
works even when compiling with MANAGMENT_EXTERNAL_KEY.
Also fix the other instance where this logic is broken
Orginal-Patch-by: Found by Joachim Schipper <joachim.schipper@fox-it.com>
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: 1353940389-31075-1-git-send-email-arne@rfc2549.org
URL: http://article.gmane.org/gmane.network.openvpn.devel/7143
Signed-off-by: David Sommerseth <davids@redhat.com>
Diffstat (limited to 'src/openvpn/options.c')
-rw-r--r-- | src/openvpn/options.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/openvpn/options.c b/src/openvpn/options.c index 5cec344..33dbf51 100644 --- a/src/openvpn/options.c +++ b/src/openvpn/options.c @@ -2274,7 +2274,7 @@ options_postprocess_verify_ce (const struct options *options, const struct conne { notnull (options->cert_file, "certificate file (--cert) or PKCS#12 file (--pkcs12)"); #ifdef MANAGMENT_EXTERNAL_KEY - if (!options->management_flags & MF_EXTERNAL_KEY) + if (!(options->management_flags & MF_EXTERNAL_KEY)) #endif notnull (options->priv_key_file, "private key file (--key) or PKCS#12 file (--pkcs12)"); } @@ -2666,7 +2666,7 @@ options_postprocess_filechecks (struct options *options) errs |= check_file_access (CHKACC_FILE|CHKACC_INLINE, options->extra_certs_file, R_OK, "--extra-certs"); #ifdef MANAGMENT_EXTERNAL_KEY - if(!options->management_flags & MF_EXTERNAL_KEY) + if(!(options->management_flags & MF_EXTERNAL_KEY)) #endif errs |= check_file_access (CHKACC_FILE|CHKACC_INLINE, options->priv_key_file, R_OK, "--key"); |