git.ipfire.org Git - thirdparty/openvpn.git/commit
Implement the --tls-export-cert feature
author Arne Schwabe <arne@rfc2549.org>
Tue, 16 Jan 2024 10:15:56 +0000 (11:15 +0100)
committer Gert Doering <gert@greenie.muc.de>
Tue, 16 Jan 2024 10:53:38 +0000 (11:53 +0100)
commit d27cb14891f3ac40e86062c475df139bbe2c6066
tree bc47434ae9f5e403d7ec19ab73b4b548a31d9550
parent 9fb62e2b32fd4e63ae323ccfbc79dfaba6ce4d91
Implement the --tls-export-cert feature

This is a re-implementation of the --tls-export-cert feature. This
was necessary due to missing approval to re-license the old
(now removed) code. The re-implementation is based on the following
description of the feature provided by David:

  Add an option to export certificate in PEM format of the remote
  peer to a given directory.

  For example: --tls-export-cert /var/tmp

  This option should use a randomised filename, which is provided via a
  "peer_cert" environment variable for the --tls-verify script or the
  OPENVPN_PLUGIN_TLS_VERIFY plug-in hook.

Once the script or plugin call has completed, OpenVPN should delete
this file.

Change-Id: Ia9b3f1813d2d0d492d17c87348b4cebd0bf19ce2
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20240116101556.2257-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg28014.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
(cherry picked from commit c58c7c3c669461805956dabc703c1279fe58eeee)
doc/man-sections/script-options.rst
src/openvpn/init.c
src/openvpn/options.c
src/openvpn/options.h
src/openvpn/ssl_common.h
src/openvpn/ssl_verify.c
src/openvpn/ssl_verify_backend.h
src/openvpn/ssl_verify_mbedtls.c
src/openvpn/ssl_verify_openssl.c
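
The hook side of the feature described in the commit message, as an added example that is not part of this commit or of OpenVPN's code: a `--tls-verify` script that reads the exported PEM file named by `peer_cert` and pins the peer by the SHA-256 of its DER bytes. The `PIN_FILE` path and the function names are assumptions, and the script assumes that at depth 0 `peer_cert` names the peer's own certificate.

```shell
#!/bin/sh
# Added example of a --tls-verify hook; not OpenVPN code.
# OpenVPN calls the hook as: <script> <certificate_depth> <subject>
# and, with --tls-export-cert set, puts the PEM file path in $peer_cert.

# Hypothetical allowlist: one lowercase hex SHA-256 fingerprint per line.
PIN_FILE="${PIN_FILE:-/etc/openvpn/pinned-peers.sha256}"

# Print the SHA-256 of the DER bytes of the first certificate in PEM file $1.
pem_sha256() {
    body=$(awk '/^-----BEGIN CERTIFICATE-----/ { f = 1; next }
                /^-----END CERTIFICATE-----/   { exit }
                f' "$1" | tr -d ' \r\n')
    [ -n "$body" ] || return 1
    printf '%s' "$body" | base64 -d 2>/dev/null | sha256sum | cut -d' ' -f1
}

# Return 0 to accept the certificate, non-zero to reject it.
verify_peer() {
    # Only the peer's own certificate (depth 0) is pinned; CA certificates
    # higher in the chain are left to OpenVPN's normal chain validation.
    case "$1" in
        0) ;;
        *) return 0 ;;
    esac
    # Fail closed if the export is missing or unreadable.
    [ -n "${peer_cert:-}" ] || return 1
    [ -r "$peer_cert" ] || return 1
    fp=$(pem_sha256 "$peer_cert") || return 1
    [ -n "$fp" ] || return 1
    # Exact, whole-line match against the allowlist. Everything happens
    # before returning, because OpenVPN deletes the file after the hook.
    grep -qxF -- "$fp" "$PIN_FILE" 2>/dev/null
}

# Run as a hook only when OpenVPN supplies both arguments.
if [ "$#" -ge 2 ]; then
    verify_peer "$@"
    exit $?
fi
```

A hook that needs the certificate after it returns (for audit, say) has to copy the file itself, since the exported file is removed once the script or plugin call completes.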