T2140: openvpn: fix checkCertHeader function return value

This function returned True even if no match in the certificate file was found, causing all checks using it to erroneously pass.
author: Jernej Jakob <jernej.jakob@gmail.com> 2020-03-19 20:22:21 +0100
committer: Jernej Jakob <jernej.jakob@gmail.com> 2020-03-19 20:30:41 +0100
commit: e6832e4ffdf3b8a75546af7fea5c0d5646126a5b (patch)
tree: dd1bf272199bc7cecd6f551b4443d5d745ce0cd6
parent: a0cd6bbf298533f8812acae1154a71cdea3176a4 (diff)
download: vyos-1x-e6832e4ffdf3b8a75546af7fea5c0d5646126a5b.tar.gz
vyos-1x-e6832e4ffdf3b8a75546af7fea5c0d5646126a5b.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/src/conf_mode/interfaces-openvpn.py b/src/conf_mode/interfaces-openvpn.py
index 6b2e3e52e..5a25264d6 100755
--- a/src/conf_mode/interfaces-openvpn.py
+++ b/src/conf_mode/interfaces-openvpn.py
@@ -365,7 +365,7 @@ def fixup_permission(filename, permission=S_IRUSR):
 def checkCertHeader(header, filename):
     """
     Verify if filename contains specified header.
-    Returns True on success or on file not found to not trigger the exceptions
+    Returns True if match is found, False if no match or file is not found
     """
     if not os.path.isfile(filename):
         return False
@@ -375,7 +375,7 @@ def checkCertHeader(header, filename):
             if re.match(header, line):
                 return True
 
-    return True
+    return False
 
 def get_config():
     openvpn = deepcopy(default_config_data)
author	Jernej Jakob <jernej.jakob@gmail.com>	2020-03-19 20:22:21 +0100
committer	Jernej Jakob <jernej.jakob@gmail.com>	2020-03-19 20:30:41 +0100
commit	e6832e4ffdf3b8a75546af7fea5c0d5646126a5b (patch)
tree	dd1bf272199bc7cecd6f551b4443d5d745ce0cd6
parent	a0cd6bbf298533f8812acae1154a71cdea3176a4 (diff)
download	vyos-1x-e6832e4ffdf3b8a75546af7fea5c0d5646126a5b.tar.gz vyos-1x-e6832e4ffdf3b8a75546af7fea5c0d5646126a5b.zip