summaryrefslogtreecommitdiff
path: root/src/conf_mode
diff options
context:
space:
mode:
authorNicolas Riebesel <nicolas.riebesel@gmx.com>2021-09-23 01:28:22 +0200
committerNicolas Riebesel <nicolas.riebesel@gmx.com>2021-09-23 01:28:22 +0200
commit4084046987ab52f8c77b0393c1820d37a2124bbd (patch)
tree696fcda4aeff24bd2774d9f365f37c64972f3a80 /src/conf_mode
parentd1a2124559eb53f832bcaa467b8adc321ffbc5f9 (diff)
downloadvyos-1x-4084046987ab52f8c77b0393c1820d37a2124bbd.tar.gz
vyos-1x-4084046987ab52f8c77b0393c1820d37a2124bbd.zip
openvpn: T3642: Fix password_protected check
Diffstat (limited to 'src/conf_mode')
-rwxr-xr-xsrc/conf_mode/interfaces-openvpn.py2
1 files changed, 1 insertions, 1 deletions
diff --git a/src/conf_mode/interfaces-openvpn.py b/src/conf_mode/interfaces-openvpn.py
index 02b7f83bf..ce62a8b82 100755
--- a/src/conf_mode/interfaces-openvpn.py
+++ b/src/conf_mode/interfaces-openvpn.py
@@ -134,7 +134,7 @@ def verify_pki(openvpn):
if tls['certificate'] not in pki['certificate']:
raise ConfigError(f'Invalid certificate on openvpn interface {interface}')
- if dict_search_args(pki, 'certificate', tls['certificate'], 'private', 'password_protected'):
+ if dict_search_args(pki, 'certificate', tls['certificate'], 'private', 'password_protected') is not None:
raise ConfigError(f'Cannot use encrypted private key on openvpn interface {interface}')
if mode == 'server' and 'dh_params' not in tls and not is_ec_private_key(pki, tls['certificate']):