>> Could you explain why you need the process ID of the daemon? I am trying
>> to figure out why that is needed. I also don't understand the secure in
>> this context. What are you protecting yourself against? You are not
>> protecting your script being called from a malicious program as that
>> could look up the PID of openvpn and just set the daemon_id variable.
> 
> 
> The reason I am using the process ID is as follows:
> 
> When --tls-crypt-v2-verify is executed, it saves a file named:
> ${certificate_serial_number}.${daemon_pid}
> with data from the TLS-Crypt-V2 key metadata field, which can then
> be read by the following scripts: --tls-verify and --client-connect.
>

I can get behind the need of needing something daemon specific when
running multiple daemons, and that scripts/plugins need something simple
to identify a specific daemon. With management and a persistent connection,
it is easier to implicitly assign an ID, but for scripts daemon_pid
seems to be a good fit.

So if we make that a bit clearer in the commit message this gets an ACK
from me.

Arne


_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
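
The hand-off file discussed in the thread above, sketched as an added example (not code from the patch or from OpenVPN). It assumes the hook scripts pass the certificate serial, the daemon PID and the metadata as arguments; HANDOFF_DIR and the function names are hypothetical. The PID only tells daemons apart, so the file's protection comes from input validation and file permissions.

```shell
#!/bin/sh
# Added example: per-daemon hand-off file named <serial>.<daemon_pid>.
# HANDOFF_DIR and all function names are hypothetical, not OpenVPN's own.
HANDOFF_DIR="${HANDOFF_DIR:-/tmp/ovpn-handoff-example}"

# Print the hand-off path; fail if either part could escape the directory.
handoff_path() {
    serial=$1
    pid=$2
    case $serial in ''|*[!0-9A-Fa-f]*) return 1 ;; esac   # hex digits only
    case $pid in ''|*[!0-9]*) return 1 ;; esac            # decimal digits only
    printf '%s/%s.%s\n' "$HANDOFF_DIR" "$serial" "$pid"
}

# For the --tls-crypt-v2-verify stage: store metadata for the later hooks.
# Written with mode 0600 to a temp file, then renamed, so a reader never
# sees a partially written file.
handoff_write() {
    path=$(handoff_path "$1" "$2") || return 1
    (
        umask 077
        mkdir -p "$HANDOFF_DIR" || exit 1
        tmp=$(mktemp "$HANDOFF_DIR/.tmp.XXXXXX") || exit 1
        printf '%s' "$3" > "$tmp" && mv -f "$tmp" "$path"
    )
}

# For the --tls-verify and --client-connect stages: read the stored metadata.
# Only a regular file is accepted; a symlink at that name is rejected.
handoff_read() {
    path=$(handoff_path "$1" "$2") || return 1
    [ -f "$path" ] && [ ! -L "$path" ] || return 1
    cat "$path"
}
```
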
