diff options
| author | jim-p <jimp@pfsense.org> | 2011-10-11 11:56:53 -0400 |
|---|---|---|
| committer | jim-p <jimp@pfsense.org> | 2011-10-27 10:28:02 -0400 |
| commit | 41936accf08413ae20e4ffa74cb4e11881edd57b (patch) | |
| tree | 121eec056d9241a09cb9e5cd3508a74624125338 /etc/inc/openvpn.inc | |
| parent | 98963f2771f4ee7ac6c278a1b80f5c5e7ebfaa7d (diff) | |
| download | pfsense-41936accf08413ae20e4ffa74cb4e11881edd57b.zip pfsense-41936accf08413ae20e4ffa74cb4e11881edd57b.tar.gz | |
Assume a default value of 1 for cert_depth to disallow chaining.
Diffstat (limited to 'etc/inc/openvpn.inc')
| -rw-r--r-- | etc/inc/openvpn.inc | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/etc/inc/openvpn.inc b/etc/inc/openvpn.inc index 7408d50..fb0b98f 100644 --- a/etc/inc/openvpn.inc +++ b/etc/inc/openvpn.inc @@ -455,6 +455,8 @@ function openvpn_reconfigure($mode, $settings) { } break; } + if (!isset($settings['cert_depth']) && (strstr($settings['mode'], 'tls'))) + $settings['cert_depth'] = 1; if (is_numeric($settings['cert_depth'])) { $sed = ""; $cert = lookup_cert($settings['certref']); |
