Extra arguments seem to be ignored in openvpn exec

[dpb587]

The ssoca openvpn exec command is supposed to accept additional arguments to pass to openvpn in addition to the generated --config file.

For example, I expect the following to work, but the --tls-version-max doesn't seem to be respected.

$ ssoca openvpn exec -- --tls-version-max 1.2

Interestingly, typo'ing the argument does seem to suggest it's correctly being passed to openvpn because it errors.

$ ssoca -e pws-prod openvpn exec -- --tls-version-max=1.2
Options error: Unrecognized option or missing or extra parameter(s) in [CMD-LINE]:1: tls-version-max=1.2 (2.4.7)
Use --help for more information.

Make it work, or figure out why it's not actually supported.

Notes:

• Perhaps they need to be located before the --config? But should make sure user args can override the default generated config, if needed.
• Alternatively, is it safe to simply append them to the generated config? Would probably be hard to know if the args are key/values or just keys though.
• Motivated by odd behavior in Debian where the default openvpn+openssl version have an issue with TLSv1.3 connections (reference).

[mhoran]

I filed a bug with Debian for the TLSv1.3 issue.

[dpb587]

This appears to be working as expected (verified with --verb 11). The underlying error suggesting this issue turned out to be caused by #13, which has nothing to do with missing, propagated options.