diff options
| author | DmitriyEshenko <dmitriy.eshenko@vyos.io> | 2021-09-02 11:36:38 +0000 |
|---|---|---|
| committer | DmitriyEshenko <dmitriy.eshenko@vyos.io> | 2021-09-02 11:36:38 +0000 |
| commit | 90031f21dc66e28f8883cb58af3f07c35b61d273 (patch) | |
| tree | 94d651f9da2d68fb5a233e14e365030fb70d0986 | |
| parent | 022c5e810b8fd62b193e6eee62bfe344e294b25e (diff) | |
| download | vyos-1x-90031f21dc66e28f8883cb58af3f07c35b61d273.tar.gz vyos-1x-90031f21dc66e28f8883cb58af3f07c35b61d273.zip | |
sstp-server: T2661: Delete CA certificate redundancy check
| -rw-r--r-- | data/templates/accel-ppp/sstp.config.tmpl | 2 | ||||
| -rwxr-xr-x | src/conf_mode/vpn_sstp.py | 4 |
2 files changed, 3 insertions, 3 deletions
diff --git a/data/templates/accel-ppp/sstp.config.tmpl b/data/templates/accel-ppp/sstp.config.tmpl index 7ca7b1c1e..d48e9ab0d 100644 --- a/data/templates/accel-ppp/sstp.config.tmpl +++ b/data/templates/accel-ppp/sstp.config.tmpl @@ -29,7 +29,9 @@ disable verbose=1 ifname=sstp%d accept=ssl +{% if ssl.ca_cert_file is defined and ssl.ca_cert_file is not none %} ssl-ca-file={{ ssl.ca_cert_file }} +{% endif %} ssl-pemfile={{ ssl.cert_file }} ssl-keyfile={{ ssl.key_file }} diff --git a/src/conf_mode/vpn_sstp.py b/src/conf_mode/vpn_sstp.py index 47367f125..11925dfa4 100755 --- a/src/conf_mode/vpn_sstp.py +++ b/src/conf_mode/vpn_sstp.py @@ -57,9 +57,7 @@ def verify(sstp): # SSL certificate checks # tmp = dict_search('ssl.ca_cert_file', sstp) - if not tmp: - raise ConfigError(f'SSL CA certificate file required!') - else: + if tmp: if not os.path.isfile(tmp): raise ConfigError(f'SSL CA certificate "{tmp}" does not exist!') |