diff options
| author | David Sommerseth | 2020-05-08 13:44:11 +0200 |
|---|---|---|
| committer | Gert Doering | 2020-05-08 23:49:49 +0200 |
| commit | 7ae8dbb7c4a2ca4a23efae7b08222a8db0efc529 (patch) | |
| tree | 8f4a66ddfafce73b439c83b040bc70b676f5e829 /src | |
| parent | e8e410fdc6fb91451d8119b129bac7be00ff81df (diff) | |
| download | openvpn-7ae8dbb7c4a2ca4a23efae7b08222a8db0efc529.zip openvpn-7ae8dbb7c4a2ca4a23efae7b08222a8db0efc529.tar.gz | |
options: Restore --tls-crypt-v2 inline file capability
Commit cb2e9218f2bc73f re-factored the internal file handling, but
somehow overlooked the --tls-crypt-v2 option processing. It was no
longer possible to load a configuration file with this key file inlined.
There where two issues here. First was that the OPT_P_INLINE flag was
not set, so the option parser rejected --tls-crypt-v2 as inline capable.
Second issue was that the 'streq(p[1], INLINE_FILE_TAG)' check makes no
longer sense, as at this point p[1] contains the file contents. Instead
use the is_inline flag.
Signed-off-by: David Sommerseth <davids@openvpn.net>
Acked-by: Antonio Quartulli <antonio@openvpn.net>
Message-Id: <20200508114411.15762-1-davids@openvpn.net>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg19859.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Diffstat (limited to 'src')
| -rw-r--r-- | src/openvpn/options.c | 12 |
1 files changed, 3 insertions, 9 deletions
diff --git a/src/openvpn/options.c b/src/openvpn/options.c index a37106c..56c9e41 100644 --- a/src/openvpn/options.c +++ b/src/openvpn/options.c @@ -8324,22 +8324,16 @@ add_option(struct options *options, } else if (streq(p[0], "tls-crypt-v2") && p[1] && !p[3]) { - VERIFY_PERMISSION(OPT_P_GENERAL|OPT_P_CONNECTION); + VERIFY_PERMISSION(OPT_P_GENERAL|OPT_P_CONNECTION|OPT_P_INLINE); if (permission_mask & OPT_P_GENERAL) { - if (streq(p[1], INLINE_FILE_TAG) && p[2]) - { - options->tls_crypt_v2_file_inline = p[2]; - } options->tls_crypt_v2_file = p[1]; + options->tls_crypt_v2_file_inline = is_inline; } else if (permission_mask & OPT_P_CONNECTION) { - if (streq(p[1], INLINE_FILE_TAG) && p[2]) - { - options->ce.tls_crypt_v2_file_inline = p[2]; - } options->ce.tls_crypt_v2_file = p[1]; + options->ce.tls_crypt_v2_file_inline = is_inline; } } else if (streq(p[0], "tls-crypt-v2-verify") && p[1] && !p[2]) |