Hi Selva,

On Sun, Mar 11, 2018 at 09:17:58PM -0400, selva.n...@gmail.com wrote:
> From: Selva Nair <selva.n...@gmail.com>
> Have the cryptoapicert option find the first matching certificate
> in store that is valid at the present time. Currently the first
> found item, even if expired, is returned.

Are these two intended for master only or master+2.4?

(I admit that I am too lazy right now to go and actually look at the
surrounding code :-) - but with all the recent work wrt cryptoapi and
external management key, I lost track which bits are considered "new
goodies for master only")

Functionality-wise this makes sense (feature-ACK), and it also makes
sense for 2.4 - because "if there are two certificates, an expired and
a valid one, and we take the expired one" smells very much like a bug
to me :-)

now what should I write here...

Gert Doering - Munich, Germany                             g...@greenie.muc.de

Attachment: signature.asc
Description: PGP signature

Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
Openvpn-devel mailing list

Reply via email to