diff options
author | Christian Poessinger <christian@poessinger.com> | 2021-09-02 16:17:49 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-09-02 16:17:49 +0200 |
commit | 9ce5a01ee0e6b7f98a354fd0bef6ca9807b028e9 (patch) | |
tree | 89ef66bc3f5c427acc8f634434998c5d3c220c93 | |
parent | 3834f62915830af92dd006a8606b3cce75cbb483 (diff) | |
parent | 90031f21dc66e28f8883cb58af3f07c35b61d273 (diff) | |
download | vyos-1x-9ce5a01ee0e6b7f98a354fd0bef6ca9807b028e9.tar.gz vyos-1x-9ce5a01ee0e6b7f98a354fd0bef6ca9807b028e9.zip |
Merge pull request #989 from DmitriyEshenko/1x-equuleus-02092021-03
sstp-server: T2661: Delete CA certificate redundancy check
-rw-r--r-- | data/templates/accel-ppp/sstp.config.tmpl | 2 | ||||
-rwxr-xr-x | src/conf_mode/vpn_sstp.py | 4 |
2 files changed, 3 insertions, 3 deletions
diff --git a/data/templates/accel-ppp/sstp.config.tmpl b/data/templates/accel-ppp/sstp.config.tmpl index 7ca7b1c1e..d48e9ab0d 100644 --- a/data/templates/accel-ppp/sstp.config.tmpl +++ b/data/templates/accel-ppp/sstp.config.tmpl @@ -29,7 +29,9 @@ disable verbose=1 ifname=sstp%d accept=ssl +{% if ssl.ca_cert_file is defined and ssl.ca_cert_file is not none %} ssl-ca-file={{ ssl.ca_cert_file }} +{% endif %} ssl-pemfile={{ ssl.cert_file }} ssl-keyfile={{ ssl.key_file }} diff --git a/src/conf_mode/vpn_sstp.py b/src/conf_mode/vpn_sstp.py index 47367f125..11925dfa4 100755 --- a/src/conf_mode/vpn_sstp.py +++ b/src/conf_mode/vpn_sstp.py @@ -57,9 +57,7 @@ def verify(sstp): # SSL certificate checks # tmp = dict_search('ssl.ca_cert_file', sstp) - if not tmp: - raise ConfigError(f'SSL CA certificate file required!') - else: + if tmp: if not os.path.isfile(tmp): raise ConfigError(f'SSL CA certificate "{tmp}" does not exist!') |