> -----Original Message----- > From: Markus Kötter [mailto:koet...@rrzn-hiwi.uni-hannover.de] > > On 07/07/2011 09:06 PM, Adriaan de Jong wrote: > > A fix is included in my SSL separation patch set, in this patch to be > > exact: > > https://github.com/andj/openvpn-ssl- > refactoring/commit/71e27b1e282bf8e10724b69fe4cbeac65dee325b . > > > > > > Does that solve the problem? > > The logic should be fixed yes. > Remaining question is why does openvpn even try to retrieve values from > upper cert layers - they'll be overwritten anyway. The information is provided to scripts and plugins in environment variables, so that additional verification can be performed there.
Regards, Adriaan
