I've done a quick read over ssl_common.h to be sure the indexes are
valid, and fed this to a light test run (client-side only, for the
start). Looks good, passes.
I can see why Antonio grumbles, but then, ensuring stuff is in a really
well-known state if we suspect it might not always be is a valid line
of defense.
Your patch has been applied to the master and release/2.6 branch.
commit 4cf7409e82580f2890c391372d60ed713ba4650c (master)
commit 5c26918f482f21484527f4b065818863c459b226 (release/2.6)
Author: Arne Schwabe
Date: Tue Dec 13 23:54:30 2022 +0100
Set DCO_NOT_INSTALLED also for keys not in the get_key_scan range
Signed-off-by: Arne Schwabe <[email protected]>
Acked-by: Antonio Quartulli <[email protected]>
Message-Id: <[email protected]>
URL:
https://www.mail-archive.com/[email protected]/msg25681.html
Signed-off-by: Gert Doering <[email protected]>
--
kind regards,
Gert Doering
_______________________________________________
Openvpn-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
