Menu
▾
▴
[Openvpn-devel] [PATCH] If --management-external-key is used do not check for private key file existence
|
From: Arne S. <ar...@rf...> - 2012-07-20 23:03:01
|
Fixes error: --key fails with EXTERNAL_PRIVATE_KEY: No such file or directory if --management-external-key is used
Signed-off-by: Arne Schwabe <ar...@rf...>
---
src/openvpn/options.c | 13 ++++++++++++-
1 file changed, 12 insertions(+), 1 deletion(-)
diff --git a/src/openvpn/options.c b/src/openvpn/options.c
index cd1cb1c..7041e94 100644
--- a/src/openvpn/options.c
+++ b/src/openvpn/options.c
@@ -1930,6 +1930,15 @@ options_postprocess_verify_ce (const struct options *options, const struct conne
if ((options->management_client_user || options->management_client_group)
&& !(options->management_flags & MF_UNIX_SOCK))
msg (M_USAGE, "--management-client-(user|group) can only be used on unix domain sockets");
+#ifdef MANAGMENT_EXTERNAL_KEY
+ if(options->management_flags & MF_EXTERNAL_KEY) {
+ if(options->priv_key_file)
+ msg (M_USAGE, "--key and --management-external-key are mutually exclusive");
+ /* set a filename for nicer output in the logs */
+ options->priv_key_file = "EXTERNAL_PRIVATE_KEY";
+ }
+#endif
+
#endif
/*
@@ -2627,6 +2636,9 @@ options_postprocess_filechecks (struct options *options)
errs |= check_file_access (CHKACC_FILE|CHKACC_INLINE, options->cert_file, R_OK, "--cert");
errs |= check_file_access (CHKACC_FILE|CHKACC_INLINE, options->extra_certs_file, R_OK,
"--extra-certs");
+#ifdef MANAGMENT_EXTERNAL_KEY
+ if(!options->management_flags & MF_EXTERNAL_KEY)
+#endif
errs |= check_file_access (CHKACC_FILE|CHKACC_INLINE, options->priv_key_file, R_OK,
"--key");
errs |= check_file_access (CHKACC_FILE|CHKACC_INLINE, options->pkcs12_file, R_OK,
@@ -4141,7 +4153,6 @@ add_option (struct options *options,
{
VERIFY_PERMISSION (OPT_P_GENERAL);
options->management_flags |= MF_EXTERNAL_KEY;
- options->priv_key_file = "EXTERNAL_PRIVATE_KEY";
}
#endif
#ifdef MANAGEMENT_DEF_AUTH
--
1.7.9.5
|
