[Openvpn-devel] Repair --secret depreciation warning.

Message ID 20210417100544.5497-1-gert@greenie.muc.de
State Accepted
Headers show
Series
  • [Openvpn-devel] Repair --secret depreciation warning.
Related show

Commit Message

Gert Doering April 17, 2021, 10:05 a.m.
commit 60f5889ae formally depreciated use of configs without either
"tls-client" or "tls-server" - but got the booleans wrong.

Fix.

Signed-off-by: Gert Doering <gert@greenie.muc.de>
---
 src/openvpn/options.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

Antonio Quartulli April 17, 2021, noon | #1
Hi,

On 17/04/2021 12:05, Gert Doering wrote:
> commit 60f5889ae formally depreciated use of configs without either

depreciated -> deprecated (no?)

> "tls-client" or "tls-server" - but got the booleans wrong.
> 
> Fix.
> 
> Signed-off-by: Gert Doering <gert@greenie.muc.de>

Makes sense.
The warning should be displayed when both options are not specified.

With the current logic the warning pops up all the time, except when
both options are specified (not sure this is even allowed..). And
clearly not what we wanted :-)


Acked-by: Antonio Quartulli <antonio@openvn.net>

> ---
>  src/openvpn/options.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/src/openvpn/options.c b/src/openvpn/options.c
> index 3dd22d52..ef854c76 100644
> --- a/src/openvpn/options.c
> +++ b/src/openvpn/options.c
> @@ -2541,7 +2541,7 @@ options_postprocess_verify_ce(const struct options *options,
>          msg(M_USAGE, "specify only one of --tls-server, --tls-client, or --secret");
>      }
>  
> -    if (!options->tls_server || !options->tls_client)
> +    if (!options->tls_server && !options->tls_client)
>      {
>          msg(M_INFO, "DEPRECATION: No tls-client or tls-server option in "
>                      "configuration detected. OpenVPN 2.7 will remove the "
>
Gert Doering April 17, 2021, 12:34 p.m. | #2
Patch has been applied to the master branch.

Wording fixed as requested ("depreciation" is a valid term, but refers
to "financial value diminishes over time")

Tested, of course - now only the p2p test warns (as opposed to "all warn"),
and that's to be expected :-)

commit 85080921096fe60c6956b1e0a13fe6f9a3f93ab6 (master)
Author: Gert Doering
Date:   Sat Apr 17 12:05:44 2021 +0200

     Repair --secret deprecation warning.

     Signed-off-by: Gert Doering <gert@greenie.muc.de>
     Acked-by: Antonio Quartulli <antonio@openvpn.net>
     Message-Id: <20210417100544.5497-1-gert@greenie.muc.de>
     URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg22139.html
     Signed-off-by: Gert Doering <gert@greenie.muc.de>


--
kind regards,

Gert Doering

Patch

diff --git a/src/openvpn/options.c b/src/openvpn/options.c
index 3dd22d52..ef854c76 100644
--- a/src/openvpn/options.c
+++ b/src/openvpn/options.c
@@ -2541,7 +2541,7 @@  options_postprocess_verify_ce(const struct options *options,
         msg(M_USAGE, "specify only one of --tls-server, --tls-client, or --secret");
     }
 
-    if (!options->tls_server || !options->tls_client)
+    if (!options->tls_server && !options->tls_client)
     {
         msg(M_INFO, "DEPRECATION: No tls-client or tls-server option in "
                     "configuration detected. OpenVPN 2.7 will remove the "