Browse code
Fixes error: --key fails with EXTERNAL_PRIVATE_KEY: No such file or directory if --management-external-key is used
Warn if both options are used at the same time.
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: 1343914668-10696-1-git-send-email-arne@rfc2549.org
URL: http://article.gmane.org/gmane.network.openvpn.devel/6943
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
Arne Schwabe authored on 2012/08/02 22:37:48Showing 1 changed files
| ... | ... |
@@ -1581,6 +1581,12 @@ show_settings (const struct options *o) |
| 1581 | 1581 |
SHOW_STR (ca_path); |
| 1582 | 1582 |
SHOW_STR (dh_file); |
| 1583 | 1583 |
SHOW_STR (cert_file); |
| 1584 |
+ |
|
| 1585 |
+#ifdef MANAGMENT_EXTERNAL_KEY |
|
| 1586 |
+ if((o->management_flags & MF_EXTERNAL_KEY)) |
|
| 1587 |
+ SHOW_PARM ("priv_key_file","EXTERNAL_PRIVATE_KEY","%s");
|
|
| 1588 |
+ else |
|
| 1589 |
+#endif |
|
| 1584 | 1590 |
SHOW_STR (priv_key_file); |
| 1585 | 1591 |
#ifndef ENABLE_CRYPTO_POLARSSL |
| 1586 | 1592 |
SHOW_STR (pkcs12_file); |
| ... | ... |
@@ -2181,6 +2187,11 @@ options_postprocess_verify_ce (const struct options *options, const struct conne |
| 2181 | 2181 |
else |
| 2182 | 2182 |
#endif |
| 2183 | 2183 |
#ifdef ENABLE_CRYPTOAPI |
| 2184 |
+#ifdef MANAGMENT_EXTERNAL_KEY |
|
| 2185 |
+ if((options->management_flags & MF_EXTERNAL_KEY) && options->priv_key_file) |
|
| 2186 |
+ msg (M_USAGE, "--key and --management-external-key are mutually exclusive"); |
|
| 2187 |
+#endif |
|
| 2188 |
+ |
|
| 2184 | 2189 |
if (options->cryptoapi_cert) |
| 2185 | 2190 |
{
|
| 2186 | 2191 |
if ((!(options->ca_file)) && (!(options->ca_path))) |
| ... | ... |
@@ -2627,7 +2638,10 @@ options_postprocess_filechecks (struct options *options) |
| 2627 | 2627 |
errs |= check_file_access (CHKACC_FILE|CHKACC_INLINE, options->cert_file, R_OK, "--cert"); |
| 2628 | 2628 |
errs |= check_file_access (CHKACC_FILE|CHKACC_INLINE, options->extra_certs_file, R_OK, |
| 2629 | 2629 |
"--extra-certs"); |
| 2630 |
- errs |= check_file_access (CHKACC_FILE|CHKACC_INLINE, options->priv_key_file, R_OK, |
|
| 2630 |
+#ifdef MANAGMENT_EXTERNAL_KEY |
|
| 2631 |
+ if(!options->management_flags & MF_EXTERNAL_KEY) |
|
| 2632 |
+#endif |
|
| 2633 |
+ errs |= check_file_access (CHKACC_FILE|CHKACC_INLINE, options->priv_key_file, R_OK, |
|
| 2631 | 2634 |
"--key"); |
| 2632 | 2635 |
errs |= check_file_access (CHKACC_FILE|CHKACC_INLINE, options->pkcs12_file, R_OK, |
| 2633 | 2636 |
"--pkcs12"); |
| ... | ... |
@@ -4141,7 +4155,6 @@ add_option (struct options *options, |
| 4141 | 4141 |
{
|
| 4142 | 4142 |
VERIFY_PERMISSION (OPT_P_GENERAL); |
| 4143 | 4143 |
options->management_flags |= MF_EXTERNAL_KEY; |
| 4144 |
- options->priv_key_file = "EXTERNAL_PRIVATE_KEY"; |
|
| 4145 | 4144 |
} |
| 4146 | 4145 |
#endif |
| 4147 | 4146 |
#ifdef MANAGEMENT_DEF_AUTH |