diff options
author | DmitriyEshenko <snooppy@mail.ua> | 2019-09-14 21:32:36 +0000 |
---|---|---|
committer | DmitriyEshenko <snooppy@mail.ua> | 2019-09-14 21:32:36 +0000 |
commit | cf9ff0e3ee803dd868f5d3d29d8184a13cf745f9 (patch) | |
tree | ad1a49332073f939b920a66e09aad7653ce314e9 /src/conf_mode/interface-openvpn.py | |
parent | 02195d0e54f09f57028966583b9068959c06a2af (diff) | |
download | vyos-1x-cf9ff0e3ee803dd868f5d3d29d8184a13cf745f9.tar.gz vyos-1x-cf9ff0e3ee803dd868f5d3d29d8184a13cf745f9.zip |
[openvpn] T1661 Adding additional check for tls_dh if it not need for ovpn client
Diffstat (limited to 'src/conf_mode/interface-openvpn.py')
-rwxr-xr-x | src/conf_mode/interface-openvpn.py | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/src/conf_mode/interface-openvpn.py b/src/conf_mode/interface-openvpn.py index fa0af0111..34c094862 100755 --- a/src/conf_mode/interface-openvpn.py +++ b/src/conf_mode/interface-openvpn.py @@ -724,8 +724,9 @@ def verify(openvpn): if not checkCertHeader('-----BEGIN X509 CRL-----', openvpn['tls_crl']): raise ConfigError('Specified crl-file "{} not valid'.format(openvpn['tls_crl'])) - if not checkCertHeader('-----BEGIN DH PARAMETERS-----', openvpn['tls_dh']): - raise ConfigError('Specified dh-file "{}" is not valid'.format(openvpn['tls_dh'])) + if openvpn['tls_dh']: + if not checkCertHeader('-----BEGIN DH PARAMETERS-----', openvpn['tls_dh']): + raise ConfigError('Specified dh-file "{}" is not valid'.format(openvpn['tls_dh'])) if openvpn['tls_role']: if openvpn['mode'] in ['client', 'server']: |