Introduce global option --force-safe-ssl #935

TinCanTech · 2023-04-12T00:12:50Z

easyrsa_openssl() default behaviour is to re-use the generated safe SSL config file, after bieng called for the first time. NOTE: easyrsa_openssl() is a heavily nested function.

This option forces recreation of a safe SSL config file for each call to easyrsa_openssl().

Only effective when an SSL config fie is required.

easyrsa_openssl() default behaviour is to re-use the generated safe SSL config file, after bieng called for the first time. NOTE: easyrsa_openssl() is a heavily nested function. This option forces recreation of a safe SSL config file for each call to easyrsa_openssl(). Only effective when an SSL config fie is required. Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>

TinCanTech · 2023-04-12T00:19:45Z

This is simply a debug option in the event that #931 goes wrong.

Regarding #931,
I have proved it works ~~but cannot prove that it does not work,~~

SSL config file is static, as are the parameter expansions, it works.

TinCanTech self-assigned this Apr 12, 2023

TinCanTech added EasyRSA-OpenSSL-Config development Possible changes version 3.1.3 labels Apr 12, 2023

TinCanTech added Full-Approval Merge is imminent and removed development Possible changes labels Apr 13, 2023

TinCanTech merged commit dd30507 into OpenVPN:master Apr 13, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Introduce global option --force-safe-ssl #935

Introduce global option --force-safe-ssl #935

TinCanTech commented Apr 12, 2023

TinCanTech commented Apr 12, 2023 •

edited

Loading

Introduce global option --force-safe-ssl #935

Introduce global option --force-safe-ssl #935

Conversation

TinCanTech commented Apr 12, 2023

TinCanTech commented Apr 12, 2023 • edited Loading

TinCanTech commented Apr 12, 2023 •

edited

Loading