Attention is currently required from: flichtenheld, plaisthos.

cron2 has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/466?usp=email )

Change subject: Implement the --tls-export-cert feature
......................................................................


Patch Set 10: Code-Review+2

(1 comment)

Patchset:

PS10:
OK, this seems to be doing what the (old) manpage leads me to expect

- for each level of certificates, --tls-verify is called once (so "1x for level 
0, 1x for level 1" if no intermediate CAs are used) - this was not clear to me 
initially, that it's indeed called multiple times.
- depending on the level of call, exactly one `$peer_cert_<n>` env variable is 
set, and that certificate file exists
- on level 0, `$peer_cert` is set as well
- indeed, different certs show up in these files

The old code only ever sets `peer_cert`, though, independent of the level, so 
I'm not sure having a (single) `$peer_cert_<n>` variable is that useful - if 
it's only one, `peer_cert` is maybe good enough?

So we could move onward, or move to "always `$peer_cert`, no `_<n>`"...



--
To view, visit http://gerrit.openvpn.net/c/openvpn/+/466?usp=email
To unsubscribe, or for help writing mail filters, visit 
http://gerrit.openvpn.net/settings

Gerrit-Project: openvpn
Gerrit-Branch: master
Gerrit-Change-Id: Ia9b3f1813d2d0d492d17c87348b4cebd0bf19ce2
Gerrit-Change-Number: 466
Gerrit-PatchSet: 10
Gerrit-Owner: plaisthos <arne-open...@rfc2549.org>
Gerrit-Reviewer: cron2 <g...@greenie.muc.de>
Gerrit-Reviewer: flichtenheld <fr...@lichtenheld.com>
Gerrit-CC: openvpn-devel <openvpn-devel@lists.sourceforge.net>
Gerrit-Attention: plaisthos <arne-open...@rfc2549.org>
Gerrit-Attention: flichtenheld <fr...@lichtenheld.com>
Gerrit-Comment-Date: Sat, 06 Jan 2024 15:31:06 +0000
Gerrit-HasComments: Yes
Gerrit-Has-Labels: Yes
Gerrit-MessageType: comment
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
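
A `--tls-verify` hook that finds the exported certificate under either naming discussed in the comment above, as an added example that is not part of the original message or of the OpenVPN code base. It assumes the variable names as the comment describes them for patch set 10 and that the exported file is PEM; `resolve_peer_cert` and `verify_hook` are hypothetical names.

```shell
#!/bin/sh
# Hypothetical --tls-verify hook. OpenVPN passes the certificate depth as $1
# and the subject as $2; a non-zero exit status rejects the handshake.

# Print the path of the certificate exported for DEPTH, using the variable
# names described in the review comment (assumed, not final behaviour).
resolve_peer_cert() {
    depth=$1
    first=
    # The depth becomes part of a variable name below: accept digits only.
    case $depth in
        ''|*[!0-9]*) return 2 ;;
    esac
    eval "path=\${peer_cert_${depth}:-}"
    # Fall back to the level-independent name that the old code sets.
    [ -n "$path" ] || path=${peer_cert:-}
    [ -n "$path" ] || return 3
    # Require a regular, non-empty file that is not a symlink.
    [ -f "$path" ] && [ ! -L "$path" ] && [ -s "$path" ] || return 4
    # Assumption: the export is PEM, so line 1 is the PEM header.
    IFS= read -r first < "$path" || [ -n "$first" ] || return 5
    [ "$first" = "-----BEGIN CERTIFICATE-----" ] || return 5
    printf '%s\n' "$path"
}

verify_hook() {
    cert=$(resolve_peer_cert "$1") || {
        echo "tls-verify: no usable exported certificate at depth $1" >&2
        return 1
    }
    # Site policy (pinning, extension checks) would inspect "$cert" here.
    echo "tls-verify: depth $1 certificate file $cert" >&2
    return 0
}

# OpenVPN sets script_type=tls-verify when it runs this hook.
if [ "${script_type:-}" = "tls-verify" ]; then
    verify_hook "$@"
    exit $?
fi
```

Because the hook fails closed, a missing or malformed export rejects the handshake instead of letting it proceed unchecked.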