Fix the --client-cert-not-required feature
Commit
2e8337de248ef0b5b48cbb2964da0d5c3f28b15b introduced a new
feature for using other SSL certificate fields for authentication
than the CN field.
This commit introduced a bug, which made the verify_callback()
function getting called even if --client-cert-not-required was
enabled in the config.
The reason for this was that an 'else' statement was lacking a
couple of curly braces. The offending commit in reality moved
the setup of the verify_callback() function out of the 'else'
statement.
Report-URL: https://community.openvpn.net/openvpn/ticket/108
Report-URL: https://forums.openvpn.net/topic7751.html
Signed-off-by: David Sommerseth <davids@redhat.com>
Acked-by: Jan Just Keijser <janjust@nikhef.nl>
projects / thirdparty / openvpn.git / commit
