Hi,
On 28/10/16 19:50, Selva Nair wrote:
Hi,
On Fri, Oct 28, 2016 at 6:27 AM, Jan Just Keijser <janj...@nikhef.nl
<mailto:janj...@nikhef.nl>> wrote:
---
src/openvpn/options.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
As Arne pointed out the utility of allowing setenv opt in push is
questionable. "setenv opt bad-option" in config file logs a warning
and continues. "push bad-option" logs an error and continues. The end
result is that both avoids fatal errors with unrecognized/unknown
options.
the desired effect of the patch is to not print an ERROR but a warning
instead. For a sysadmin of a large scale deployment *any* method to
reduce the number of false errors/warnings is an advantage.
Also, I see no reason to NOT add this patch, as it does not introduce
any vulnerabilities, but it only makes the config file behaviour versus
"pushed" behaviour more consistent. Abusing "setenv" to add an optional
option to a config file is a kludge at any rate - might as well make the
kludge pushable ;)
That apart, NAK to this patch as its not correct
I'll see if I can refactor the patch - but your suggestion to put it at
the top of add_option did not work for me initially.
JJK
------------------------------------------------------------------------------
The Command Line: Reinvented for Modern Developers
Did the resurgence of CLI tooling catch you by surprise?
Reconnect with the command line and become more productive.
Learn the new .NET and ASP.NET CLI. Get your free copy!
http://sdm.link/telerik
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
