On 07/08/2011 08:56 AM, Adriaan de Jong wrote:
-----Original Message-----
From: Markus Kötter [mailto:[email protected]]
Remaining question is why does openvpn even try to retrieve values from
upper cert layers - they'll be overwritten anyway.
The information is provided to scripts and plugins in environment variables, so
that additional verification can be performed there.
Maybe we got a misunderstanding:
Question is what would be wrong with:
if( !cert_depth && verify_get_username(..) )
err();
Markus
