From 2c8e4bc4f9ab94e4d0b63341820d471af7c28c6c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rg=20Frings-F=C3=BCrst?= <debian@jff.email>
Date: Sun, 29 Jul 2018 13:59:02 +0200
Subject: New upstream version 2.4.6

---
 src/openvpn/options.c | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'src/openvpn/options.c')

diff --git a/src/openvpn/options.c b/src/openvpn/options.c
index 3f9164c..d1adfb6 100644
--- a/src/openvpn/options.c
+++ b/src/openvpn/options.c
@@ -2189,6 +2189,15 @@ options_postprocess_verify_ce(const struct options *options, const struct connec
     {
         msg(M_USAGE, "--management-client-(user|group) can only be used on unix domain sockets");
     }
+
+    if (options->management_addr
+        && !(options->management_flags & MF_UNIX_SOCK)
+        && (!options->management_user_pass))
+    {
+        msg(M_WARN, "WARNING: Using --management on a TCP port WITHOUT "
+            "passwords is STRONGLY discouraged and considered insecure");
+    }
+
 #endif
 
     /*
-- 
cgit v1.2.3