)]}'
{"/PATCHSET_LEVEL":[{"author":{"_account_id":1000002,"name":"cron2","display_name":"Gert Doering","email":"gert@greenie.muc.de","username":"cron2"},"change_message_id":"7338b9ef8baddde63dba2f100286d39eeb37ba0e","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":5,"id":"dd93b3e4_6b1b8a2b","updated":"2026-04-17 16:46:29.000000000","message":"After some quick discussion we didn\u0027t feel like doing another round - the API documentation says \"these 4 error codes are possible\" and it\u0027s hard to imagine anything else (a generic \"EWEIRDFAILURE\" can always be signalled as one of the two \"cannot read \u003ctime\u003e from cert\" errors).  So we progress here, for now.","commit_id":"e173af01845321bc811d8ea7b4a82e5313ffa382"},{"author":{"_account_id":1000046,"name":"mandree","email":"matthias.andree@gmx.de","username":"mandree"},"change_message_id":"d5af46d4a4f3d3215d8f781f7c5764bcf5658bf5","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":5,"id":"7a793a74_990601b6","updated":"2026-04-17 10:58:52.000000000","message":"So we\u0027re using a switch to decode a subset of errors - certainly the most likely ones, but should there be a fallback path for all other errors to report them?","commit_id":"e173af01845321bc811d8ea7b4a82e5313ffa382"}],"src/openvpn/ssl_openssl.c":[{"author":{"_account_id":1000001,"name":"flichtenheld","display_name":"Frank Lichtenheld","email":"frank@lichtenheld.com","username":"flichtenheld","status":"OpenVPN Inc."},"change_message_id":"1140488e3ea1af942fce40fdd43e13e997eb8c21","unresolved":true,"context_lines":[{"line_number":688,"context_line":""},{"line_number":689,"context_line":"    if (vpm \u003d\u003d NULL)"},{"line_number":690,"context_line":"    {"},{"line_number":691,"context_line":"        msg(D_TLS_DEBUG_MED, \"Failed to initialise certificate verification parameters.\");"},{"line_number":692,"context_line":"    }"},{"line_number":693,"context_line":""},{"line_number":694,"context_line":"    X509_VERIFY_PARAM_set_flags(vpm, X509_V_FLAG_USE_CHECK_TIME);"}],"source_content_type":"text/x-csrc","patch_set":2,"id":"ce3d6801_f2791ace","line":691,"updated":"2026-04-01 10:34:38.000000000","message":"Shouldn\u0027t we return from the function here?","commit_id":"9fc2372c9bc05a7db18f2ee4bfe2d3856345159e"},{"author":{"_account_id":1000003,"name":"plaisthos","display_name":"Arne Schwabe","email":"arne-openvpn@rfc2549.org","username":"plaisthos"},"change_message_id":"42093d5c4f12ba87524bf22928b14f9645b3a073","unresolved":false,"context_lines":[{"line_number":688,"context_line":""},{"line_number":689,"context_line":"    if (vpm \u003d\u003d NULL)"},{"line_number":690,"context_line":"    {"},{"line_number":691,"context_line":"        msg(D_TLS_DEBUG_MED, \"Failed to initialise certificate verification parameters.\");"},{"line_number":692,"context_line":"    }"},{"line_number":693,"context_line":""},{"line_number":694,"context_line":"    X509_VERIFY_PARAM_set_flags(vpm, X509_V_FLAG_USE_CHECK_TIME);"}],"source_content_type":"text/x-csrc","patch_set":2,"id":"9936038d_d6f94305","line":691,"in_reply_to":"ce3d6801_f2791ace","updated":"2026-04-01 11:34:25.000000000","message":"yeah. Good catch","commit_id":"9fc2372c9bc05a7db18f2ee4bfe2d3856345159e"},{"author":{"_account_id":1000001,"name":"flichtenheld","display_name":"Frank Lichtenheld","email":"frank@lichtenheld.com","username":"flichtenheld","status":"OpenVPN Inc."},"change_message_id":"1140488e3ea1af942fce40fdd43e13e997eb8c21","unresolved":true,"context_lines":[{"line_number":705,"context_line":"    {"},{"line_number":706,"context_line":"        msg(M_WARN, \"WARNING: Your certificate is not yet valid!\");"},{"line_number":707,"context_line":"    }"},{"line_number":708,"context_line":"    if (ret \u003d\u003d X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD)"},{"line_number":709,"context_line":"    {"},{"line_number":710,"context_line":"        msg(D_TLS_DEBUG_MED, \"Failed to read certificate notAfter field.\");"},{"line_number":711,"context_line":"    }"}],"source_content_type":"text/x-csrc","patch_set":2,"id":"ed877e20_2571c8e7","line":708,"updated":"2026-04-01 10:34:38.000000000","message":"error, not ret","commit_id":"9fc2372c9bc05a7db18f2ee4bfe2d3856345159e"},{"author":{"_account_id":1000003,"name":"plaisthos","display_name":"Arne Schwabe","email":"arne-openvpn@rfc2549.org","username":"plaisthos"},"change_message_id":"42093d5c4f12ba87524bf22928b14f9645b3a073","unresolved":false,"context_lines":[{"line_number":705,"context_line":"    {"},{"line_number":706,"context_line":"        msg(M_WARN, \"WARNING: Your certificate is not yet valid!\");"},{"line_number":707,"context_line":"    }"},{"line_number":708,"context_line":"    if (ret \u003d\u003d X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD)"},{"line_number":709,"context_line":"    {"},{"line_number":710,"context_line":"        msg(D_TLS_DEBUG_MED, \"Failed to read certificate notAfter field.\");"},{"line_number":711,"context_line":"    }"}],"source_content_type":"text/x-csrc","patch_set":2,"id":"2d685abe_e195c5f2","line":708,"in_reply_to":"ed877e20_2571c8e7","updated":"2026-04-01 11:34:25.000000000","message":"Acknowledged","commit_id":"9fc2372c9bc05a7db18f2ee4bfe2d3856345159e"},{"author":{"_account_id":1000001,"name":"flichtenheld","display_name":"Frank Lichtenheld","email":"frank@lichtenheld.com","username":"flichtenheld","status":"OpenVPN Inc."},"change_message_id":"03a5d55010a8bc6e06ec5423d753ac94fa382738","unresolved":true,"context_lines":[{"line_number":685,"context_line":"        return;"},{"line_number":686,"context_line":"    }"},{"line_number":687,"context_line":""},{"line_number":688,"context_line":"    if (error \u003d\u003d X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD)"},{"line_number":689,"context_line":"    {"},{"line_number":690,"context_line":"        msg(D_TLS_DEBUG_MED, \"Failed to read certificate notBefore field.\");"},{"line_number":691,"context_line":"    }"}],"source_content_type":"text/x-csrc","patch_set":3,"id":"7faf7350_74c0cf48","line":688,"updated":"2026-04-04 16:51:32.000000000","message":"Not sure whether that is bikeshedding, but should we maybe use a case statement here? Looks more appropriate for checking the same variable against 4 values.","commit_id":"eb5c944ddaab5c9b3240c7853b93863b2180dd55"},{"author":{"_account_id":1000002,"name":"cron2","display_name":"Gert Doering","email":"gert@greenie.muc.de","username":"cron2"},"change_message_id":"7338b9ef8baddde63dba2f100286d39eeb37ba0e","unresolved":false,"context_lines":[{"line_number":685,"context_line":"        return;"},{"line_number":686,"context_line":"    }"},{"line_number":687,"context_line":""},{"line_number":688,"context_line":"    if (error \u003d\u003d X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD)"},{"line_number":689,"context_line":"    {"},{"line_number":690,"context_line":"        msg(D_TLS_DEBUG_MED, \"Failed to read certificate notBefore field.\");"},{"line_number":691,"context_line":"    }"}],"source_content_type":"text/x-csrc","patch_set":3,"id":"4abd9506_936c6580","line":688,"in_reply_to":"7faf7350_74c0cf48","updated":"2026-04-17 16:46:29.000000000","message":"Done","commit_id":"eb5c944ddaab5c9b3240c7853b93863b2180dd55"},{"author":{"_account_id":1000046,"name":"mandree","email":"matthias.andree@gmx.de","username":"mandree"},"change_message_id":"d5af46d4a4f3d3215d8f781f7c5764bcf5658bf5","unresolved":true,"context_lines":[{"line_number":721,"context_line":"        case X509_V_ERR_CERT_HAS_EXPIRED:"},{"line_number":722,"context_line":"            msg(M_WARN, \"WARNING: Your certificate has expired!\");"},{"line_number":723,"context_line":"            break;"},{"line_number":724,"context_line":"    }"},{"line_number":725,"context_line":"}"},{"line_number":726,"context_line":"#endif"},{"line_number":727,"context_line":""}],"source_content_type":"text/x-csrc","patch_set":5,"id":"ec8212fc_9969e4dd","line":724,"updated":"2026-04-17 10:58:52.000000000","message":"The followup question to Frank\u0027s is whether there should be a default branch decoding other error values in a generic way and report them.","commit_id":"e173af01845321bc811d8ea7b4a82e5313ffa382"},{"author":{"_account_id":1000002,"name":"cron2","display_name":"Gert Doering","email":"gert@greenie.muc.de","username":"cron2"},"change_message_id":"7338b9ef8baddde63dba2f100286d39eeb37ba0e","unresolved":false,"context_lines":[{"line_number":721,"context_line":"        case X509_V_ERR_CERT_HAS_EXPIRED:"},{"line_number":722,"context_line":"            msg(M_WARN, \"WARNING: Your certificate has expired!\");"},{"line_number":723,"context_line":"            break;"},{"line_number":724,"context_line":"    }"},{"line_number":725,"context_line":"}"},{"line_number":726,"context_line":"#endif"},{"line_number":727,"context_line":""}],"source_content_type":"text/x-csrc","patch_set":5,"id":"60f7cadb_7d8a7424","line":724,"in_reply_to":"ec8212fc_9969e4dd","updated":"2026-04-17 16:46:29.000000000","message":"Done","commit_id":"e173af01845321bc811d8ea7b4a82e5313ffa382"}]}