diff options
| author | Viacheslav <v.gletenko@vyos.io> | 2021-08-13 15:48:14 +0000 |
|---|---|---|
| committer | Viacheslav <v.gletenko@vyos.io> | 2021-08-13 15:48:14 +0000 |
| commit | 655876f4c22c0f4ea839a81f4af09d6016e19197 (patch) | |
| tree | a5cfaada04553499244b7fc724deb20dc03b560b | |
| parent | 326cab3da592ee5255ed1f66025a91ac6892d429 (diff) | |
| download | vyos-1x-655876f4c22c0f4ea839a81f4af09d6016e19197.tar.gz vyos-1x-655876f4c22c0f4ea839a81f4af09d6016e19197.zip | |
openvpn: T3738: Disable authentication option for server mode
| -rwxr-xr-x | src/conf_mode/interfaces-openvpn.py | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/src/conf_mode/interfaces-openvpn.py b/src/conf_mode/interfaces-openvpn.py index 74e29ed82..6be4e918b 100755 --- a/src/conf_mode/interfaces-openvpn.py +++ b/src/conf_mode/interfaces-openvpn.py @@ -1,6 +1,6 @@ #!/usr/bin/env python3 # -# Copyright (C) 2019-2020 VyOS maintainers and contributors +# Copyright (C) 2019-2021 VyOS maintainers and contributors # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License version 2 or later as @@ -273,6 +273,9 @@ def verify(openvpn): if openvpn['protocol'] == 'tcp-active': raise ConfigError('Protocol "tcp-active" is not valid in server mode') + if dict_search('authentication.username', openvpn) or dict_search('authentication.password', openvpn): + raise ConfigError('Cannot specify "authentication" in server mode') + if 'remote_port' in openvpn: raise ConfigError('Cannot specify "remote-port" in server mode') |