summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorJernej Jakob <jernej.jakob@gmail.com>2020-03-19 20:22:21 +0100
committerJernej Jakob <jernej.jakob@gmail.com>2020-03-19 20:30:41 +0100
commite6832e4ffdf3b8a75546af7fea5c0d5646126a5b (patch)
treedd1bf272199bc7cecd6f551b4443d5d745ce0cd6 /src
parenta0cd6bbf298533f8812acae1154a71cdea3176a4 (diff)
downloadvyos-1x-e6832e4ffdf3b8a75546af7fea5c0d5646126a5b.tar.gz
vyos-1x-e6832e4ffdf3b8a75546af7fea5c0d5646126a5b.zip
T2140: openvpn: fix checkCertHeader function return value
This function returned True even if no match in the certificate file was found, causing all checks using it to erroneously pass.
Diffstat (limited to 'src')
-rwxr-xr-xsrc/conf_mode/interfaces-openvpn.py4
1 files changed, 2 insertions, 2 deletions
diff --git a/src/conf_mode/interfaces-openvpn.py b/src/conf_mode/interfaces-openvpn.py
index 6b2e3e52e..5a25264d6 100755
--- a/src/conf_mode/interfaces-openvpn.py
+++ b/src/conf_mode/interfaces-openvpn.py
@@ -365,7 +365,7 @@ def fixup_permission(filename, permission=S_IRUSR):
def checkCertHeader(header, filename):
"""
Verify if filename contains specified header.
- Returns True on success or on file not found to not trigger the exceptions
+ Returns True if match is found, False if no match or file is not found
"""
if not os.path.isfile(filename):
return False
@@ -375,7 +375,7 @@ def checkCertHeader(header, filename):
if re.match(header, line):
return True
- return True
+ return False
def get_config():
openvpn = deepcopy(default_config_data)