On Wed, Jul 6, 2011 at 6:55 PM, Markus Koetter < koet...@rrzn-hiwi.uni-hannover.de> wrote:
> On 07/05/2011 03:15 PM, David Sommerseth wrote: > >> Can you please use git bisect to locate the offending commit? >> > > I figured out this never really worked with openvpn git at all. > During discussing the patch, the check for the error_depth disappeared. > So, if the root certificate lacked the extension, it would fail. > > Therefore, attached a patch which accepts this kind of error if the > error_depth is != 0 - the lowest level of the cert is not reached yet. > This duplicates the behavior which is used for the fields. > > I was wondering why the script tries to extract values from certificates > for any level but 0 anyway? > Hi Markus, A fix is included in my SSL separation patch set, in this patch to be exact: https://github.com/andj/openvpn-ssl-refactoring/commit/71e27b1e282bf8e10724b69fe4cbeac65dee325b . Does that solve the problem? Adriaan
