Doesn't missing tls-remote verification just pass the certificate if you don't specify tls remote?  i.e. openvpn will allow connections unless you make verification more restrictive through some combination of --tls-remote, --ns-cert-type, etc?  In any case, this is a good thing to have.

So for 0.7 the openvpn plugin got substantially rewritten.  An updated patch would be quite appreciated!

- A text entry field named "Required Gateway Name" (or something like that) should be added to nm-openvpn-dialog.glade in the table1, table4, and table5 items
- A new key created in src/nm-openvpn-service.h called NM_OPENVPN_KEY_TLS_REMOTE
- Have properties/auth-helpers.c handle the key <-> entry stuff for each of the 3 auth methods in which certificates are used
- Have properties/import-export.c handle that value correctly when importing and exporting

If you don't want to or can't provide an updated patch against current SVN, flip the bug back to NEW and we'll get around to it eventually.

Flipping back to new as per comment #3. Luca, feel free to provide a new patch!

I am going to port this patch to the latest 0.7.997 in some time.

Created attachment 151386 [details] [review]
nm-openvpn-tls-remote-patch

attached patch, adds the tls-remote functionality

751fcfb0c1165c52d84ce42409e293984a09d35d (master)
0a637c81da508c75811314a46b07df2527302077 (0.7.x)

thanks!