When specifying --tls-client --cert ... without a --key (or --pkcs11) option,
OpenVPN should complain: "You must define private key file (--key)...". Ensure
that this works even when compiling with MANAGMENT_EXTERNAL_KEY.
Signed-off-by: Joachim Schipper <joachim.schip...@fox-it.com>
---
src/openvpn/options.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/openvpn/options.c b/src/openvpn/options.c
index 9baa4ff..caa9d17 100644
--- a/src/openvpn/options.c
+++ b/src/openvpn/options.c
@@ -2274,7 +2274,7 @@ options_postprocess_verify_ce (const struct options
*options, const struct conne
{
notnull (options->cert_file, "certificate file (--cert) or
PKCS#12 file (--pkcs12)");
#ifdef MANAGMENT_EXTERNAL_KEY
- if (!options->management_flags & MF_EXTERNAL_KEY)
+ if (!(options->management_flags & MF_EXTERNAL_KEY))
#endif
notnull (options->priv_key_file, "private key file (--key) or
PKCS#12 file (--pkcs12)");
}
--
1.7.9.5
