From: David Sommerseth Date: Fri, 8 May 2020 11:44:11 +0000 (+0200) Subject: options: Restore --tls-crypt-v2 inline file capability X-Git-Tag: v2.5_beta1~146 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=7ae8dbb7c4a2ca4a23efae7b08222a8db0efc529;p=thirdparty%2Fopenvpn.git options: Restore --tls-crypt-v2 inline file capability Commit cb2e9218f2bc73f re-factored the internal file handling, but somehow overlooked the --tls-crypt-v2 option processing. It was no longer possible to load a configuration file with this key file inlined. There where two issues here. First was that the OPT_P_INLINE flag was not set, so the option parser rejected --tls-crypt-v2 as inline capable. Second issue was that the 'streq(p[1], INLINE_FILE_TAG)' check makes no longer sense, as at this point p[1] contains the file contents. Instead use the is_inline flag. Signed-off-by: David Sommerseth Acked-by: Antonio Quartulli Message-Id: <20200508114411.15762-1-davids@openvpn.net> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg19859.html Signed-off-by: Gert Doering --- diff --git a/src/openvpn/options.c b/src/openvpn/options.c index a37106ce4..56c9e4111 100644 --- a/src/openvpn/options.c +++ b/src/openvpn/options.c @@ -8324,22 +8324,16 @@ add_option(struct options *options, } else if (streq(p[0], "tls-crypt-v2") && p[1] && !p[3]) { - VERIFY_PERMISSION(OPT_P_GENERAL|OPT_P_CONNECTION); + VERIFY_PERMISSION(OPT_P_GENERAL|OPT_P_CONNECTION|OPT_P_INLINE); if (permission_mask & OPT_P_GENERAL) { - if (streq(p[1], INLINE_FILE_TAG) && p[2]) - { - options->tls_crypt_v2_file_inline = p[2]; - } options->tls_crypt_v2_file = p[1]; + options->tls_crypt_v2_file_inline = is_inline; } else if (permission_mask & OPT_P_CONNECTION) { - if (streq(p[1], INLINE_FILE_TAG) && p[2]) - { - options->ce.tls_crypt_v2_file_inline = p[2]; - } options->ce.tls_crypt_v2_file = p[1]; + options->ce.tls_crypt_v2_file_inline = is_inline; } } else if (streq(p[0], "tls-crypt-v2-verify") && p[1] && !p[2])