On 07/07/2011 09:06 PM, Adriaan de Jong wrote:
A fix is included in my SSL separation patch set, in this patch to be exact: https://github.com/andj/openvpn-ssl-refactoring/commit/71e27b1e282bf8e10724b69fe4cbeac65dee325b .Does that solve the problem?
The logic should be fixed yes.Remaining question is why does openvpn even try to retrieve values from upper cert layers - they'll be overwritten anyway.
Markus
