Faidon,

If you send me a binary build for Windows 32-bit, I'll test it against expired 
and revoked certs.  I presume I don't need a server configured for this test; 
it should fail client side before attempting to connect?

Jason

-----Original Message-----
From: Faidon Liambotis [mailto:parav...@debian.org]
Sent: Tuesday, 07 October, 2008 15:53
To: Alon Bar-Lev
Cc: Jason R. Coombs; openvpn-devel@lists.sourceforge.net
Subject: Re: [Openvpn-devel] [PATCH v4] Use CryptoAPI CA store (was Re: [PATCH 
v3] Use CryptoAPI CA store)

Hi,

Alon Bar-Lev wrote:
> On 9/27/08, Alon Bar-Lev <alon.bar...@gmail.com> wrote:
>>  I prefer to receive patches...
>>  Anyway, this is not exactly what I meant.
>>  Please review latest head.
>>  I did not test this, but it should be correct now as far as the
>>  changes are concerned.
>>  It may not work as the validation process was never tested.
>
> Any news?
Thanks for reviving this. I built it and tried it and seems to work.
I didn't test with revoked or expired certificates, however.

As for warnings there's just a trivial one:
        cryptoapi.c:429: warning: passing arg 2 of `d2i_X509' from
                         incompatible pointer type

Regards,
Faidon

Attachment: smime.p7s
Description: S/MIME cryptographic signature

Reply via email to