Merge branch 'add-ca-directive-to-openvpn'

2 files changed, 20 insertions, 3 deletions

diff --git a/talpid_core/src/process/openvpn.rs b/talpid_core/src/process/openvpn.rs
index 09e845b640..ea66ef894c 100644
--- a/talpid_core/src/process/openvpn.rs
+++ b/talpid_core/src/process/openvpn.rs
@@ -36,6 +36,7 @@ pub struct OpenVpnCommand {
     config: Option<PathBuf>,
     remote: Option<net::Endpoint>,
     user_pass_path: Option<PathBuf>,
+    ca: Option<PathBuf>,
     plugin: Option<(PathBuf, Vec<String>)>,
 }
 
@@ -48,6 +49,7 @@ impl OpenVpnCommand {
             config: None,
             remote: None,
             user_pass_path: None,
+            ca: None,
             plugin: None,
         }
     }
@@ -71,6 +73,12 @@ impl OpenVpnCommand {
         self
     }
 
+    /// Sets the path to the CA certificate file.
+    pub fn ca<P: AsRef<Path>>(&mut self, path: P) -> &mut Self {
+        self.ca = Some(path.as_ref().to_path_buf());
+        self
+    }
+
     /// Sets a plugin and its arguments that OpenVPN will be started with.
     pub fn plugin<P: AsRef<Path>>(&mut self, path: P, args: Vec<String>) -> &mut Self {
         self.plugin = Some((path.as_ref().to_path_buf(), args));
@@ -95,6 +103,11 @@ impl OpenVpnCommand {
         args.extend(self.remote_arguments().iter().map(OsString::from));
         args.extend(self.authentication_arguments());
 
+        if let Some(ref ca) = self.ca {
+            args.push(OsString::from("--ca"));
+            args.push(OsString::from(ca.as_os_str()));
+        }
+
         if let Some((ref path, ref plugin_args)) = self.plugin {
             args.push(OsString::from("--plugin"));
             args.push(OsString::from(path));
diff --git a/talpid_core/src/tunnel/mod.rs b/talpid_core/src/tunnel/mod.rs
index a3cf019da7..b05f1283f3 100644
--- a/talpid_core/src/tunnel/mod.rs
+++ b/talpid_core/src/tunnel/mod.rs
@@ -85,7 +85,10 @@ impl TunnelMonitor {
 
     fn create_openvpn_cmd(remote: net::Endpoint, user_pass_file: &Path) -> OpenVpnCommand {
         let mut cmd = OpenVpnCommand::new("openvpn");
-        cmd.config(get_config_path()).remote(remote).user_pass(user_pass_file);
+        if let Some(config) = get_config_path() {
+            cmd.config(config);
+        }
+        cmd.remote(remote).user_pass(user_pass_file).ca("ca.crt");
         cmd
     }
 
@@ -162,6 +165,7 @@ fn get_plugin_path() -> Result<PathBuf> {
 
 // TODO(linus): Temporary implementation for getting hold of a config location.
 // Manually place a working config here or change this string in order to test
-fn get_config_path() -> &'static str {
-    "./openvpn.conf"
+fn get_config_path() -> Option<&'static Path> {
+    let path = Path::new("./openvpn.conf");
+    if path.exists() { Some(path) } else { None }
 }