]> git.ipfire.org Git - thirdparty/openvpn.git/commitdiff
Added warning that --capath is not available with PolarSSL
authorAdriaan de Jong <dejong@fox-it.com>
Tue, 5 Jul 2011 08:05:32 +0000 (10:05 +0200)
committerDavid Sommerseth <davids@redhat.com>
Sat, 22 Oct 2011 14:00:49 +0000 (16:00 +0200)
Signed-off-by: Adriaan de Jong <dejong@fox-it.com>
Acked-by: James Yonan <james@openvpn.net>
Acked-by: Gert Doering <gert@greenie.muc.de>
Signed-off-by: David Sommerseth <davids@redhat.com>
openvpn.8
options.c

index 8e8ea8f928beac7f260bd568521d987a90e6310e..4e3b87b272f0be66094f6c1d815ddcad18b1bc49 100644 (file)
--- a/openvpn.8
+++ b/openvpn.8
@@ -3952,6 +3952,7 @@ they are distributed with OpenVPN, they are totally insecure.
 .B \-\-capath dir
 Directory containing trusted certificates (CAs and CRLs).
 Available with OpenSSL version >= 0.9.7 dev.
+Not available with PolarSSL.
 .\"*********************************************************
 .TP
 .B \-\-dh file
index 68c2a698f020b316878bda52f3bbef264123725c..635cef22be106e90cf578a43350537a823c3aca0 100644 (file)
--- a/options.c
+++ b/options.c
@@ -2281,6 +2281,8 @@ options_postprocess_verify_ce (const struct options *options, const struct conne
 #ifdef USE_POLARSSL
          if (!(options->ca_file))
            msg(M_USAGE, "You must define CA file (--ca)");
+          if (options->ca_path)
+            msg(M_USAGE, "Parameter --capath cannot be used with the PolarSSL version version of OpenVPN.");
 #else
          if ((!(options->ca_file)) && (!(options->ca_path)))
            msg(M_USAGE, "You must define CA file (--ca) or CA path (--capath)");