From: Adriaan de Jong Date: Tue, 5 Jul 2011 08:02:40 +0000 (+0200) Subject: Added a warning that the PolarSSL library does not support pkcs12 files. X-Git-Tag: v2.3-alpha1~99 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=88133cdb961afcfb2de4576b0647f90378a67cc3;p=thirdparty%2Fopenvpn.git Added a warning that the PolarSSL library does not support pkcs12 files. Signed-off-by: Adriaan de Jong Acked-by: James Yonan Acked-by: Gert Doering Signed-off-by: David Sommerseth --- diff --git a/openvpn.8 b/openvpn.8 index c585da4ae..8e8ea8f92 100644 --- a/openvpn.8 +++ b/openvpn.8 @@ -4041,6 +4041,7 @@ This option can be used instead of .B \-\-ca, \-\-cert, and .B \-\-key. +Not available with PolarSSL. .\"********************************************************* .TP .B \-\-verify-hash hash diff --git a/options.c b/options.c index 9ed32b6d8..68c2a698f 100644 --- a/options.c +++ b/options.c @@ -2265,12 +2265,16 @@ options_postprocess_verify_ce (const struct options *options, const struct conne #endif if (options->pkcs12_file) { +#ifdef USE_POLARSSL + msg(M_USAGE, "Parameter --pkcs12 cannot be used with the PolarSSL version version of OpenVPN."); +#else if (options->ca_path) msg(M_USAGE, "Parameter --capath cannot be used when --pkcs12 is also specified."); if (options->cert_file) msg(M_USAGE, "Parameter --cert cannot be used when --pkcs12 is also specified."); if (options->priv_key_file) msg(M_USAGE, "Parameter --key cannot be used when --pkcs12 is also specified."); +#endif } else { diff --git a/ssl_polarssl.c b/ssl_polarssl.c index 7ea20ca38..d45156a7b 100644 --- a/ssl_polarssl.c +++ b/ssl_polarssl.c @@ -220,6 +220,7 @@ tls_ctx_load_pkcs12(struct tls_root_ctx *ctx, const char *pkcs12_file, ) { msg(M_FATAL, "PKCS #12 files not yet supported for PolarSSL."); + return 0; } #ifdef WIN32