On 03/01/2010 04:22:04 AM, David Sommerseth wrote:
> On 01/03/10 06:32, Karl O. Pinc wrote:
> > On 02/28/2010 10:24:36 PM, Peter Stuge wrote:
> >> David Sommerseth wrote:
> >>> +++ b/options.c
> >>> @@ -529,6 +529,9 @@ static const char usage_message[] =
> >>> " tests of certification. cmd should return
> 0
> >> to allow\n"
> >>> " TLS handshake to proceed, or 1 to fail.
> (cmd
> >> is\n"
> >>> " executed as 'cmd certificate_depth
> >> X509_NAME_oneline')\n"
> >>> + "--tls-export-cert [directory] : Get peer cert in PEM format
> and
> >> store it \n"
> >>> + " in an openvpn temporary file in
> [directory].
> >> Peer cert is \n"
> >>> + " stored before tls-verify script execution
> and
> >> deleted after.\n"
> >>
> >> Please update the man page too
> >
> > There is no man page. It's in sample-scripts/.
> >
> > However, the openvpn(8) --tls-verify section of the man page
> > is poor. I just sent another patch that clarifies it.
> > Perhaps this is what you're looking for? If not then
> > just ignore my man page patch.
>
> I don't mean to be harsh ... but this patch updates options.c and
> introduces a new argument to OpenVPN. So I agree, Peter, a man page
> update is needed!
Whoops. I was thinking of an entirely different patch
and have been sending multiple responses that are entirely
off-topic. *facepalm*
I agree. Man page update is needed.
Anyhow, having written a patch to the --tls-verify
man page patch(s) someone might want to look at it
and see if the wording is better.
Karl <k...@meme.com>
Free Software: "You don't pay back, you pay forward."
-- Robert A. Heinlein
