From: Selva Nair <selva.n...@gmail.com>
The error is treated as a warning only if its triggered due
to script_security < SSEC_SCRIPTS.
This helps user interfaces enforce a safer script-security setting
without causing a FATAL error.
Signed-off-by: Selva Nair <selva.n...@gmail.com>
---
v3 changes:
- script_security --> script_security() following
commit bf97c00f7dba441b504881f38e40afcbb610a39f
v2 changes:
- Have script errors continue to trigger a FATAL error.
- Update the commit message to match this change.
src/openvpn/init.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/openvpn/init.c b/src/openvpn/init.c
index d28d1fd..4969565 100644
--- a/src/openvpn/init.c
+++ b/src/openvpn/init.c
@@ -169,13 +169,14 @@ run_up_down(const char *command,
if (command)
{
struct argv argv = argv_new();
+ int flags = (script_security() >= SSEC_SCRIPTS)? S_FATAL : 0;
ASSERT(arg);
setenv_str(es, "script_type", script_type);
argv_parse_cmd(&argv, command);
argv_printf_cat(&argv, "%s %d %d %s %s %s", arg, tun_mtu, link_mtu,
ifconfig_local, ifconfig_remote, context);
argv_msg(M_INFO, &argv);
- openvpn_run_script(&argv, es, S_FATAL, "--up/--down");
+ openvpn_run_script(&argv, es, flags, "--up/--down");
argv_reset(&argv);
}
--
2.1.4
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
