git.ipfire.org Git - thirdparty/openvpn.git/commit

author	Heiko Hund <heiko.hund@sophos.com>
	Thu, 7 Mar 2013 15:36:41 +0000 (16:36 +0100)
committer	Gert Doering <gert@greenie.muc.de>
	Thu, 7 Mar 2013 19:31:59 +0000 (20:31 +0100)
commit	f6e12862cefd054eb1a44c18ea1dfb4cba7d007a
tree	51e3ce54b2e8fcb3feac2a3252efc16ccecc633f	tree
parent	0f92b3b4170dab29aaf5cb4e6a0d00d37bf418b4	commit \| diff

add new option for X.509 name verification

Add the option --verify-x509-name to provide the functionality
of the now deprecated --tls-remote.

The new option accepts RFC 2253 subject DNs only and compares
RDN or RDN prefix only if configured explicitly.

Signed-off-by: Heiko Hund <heiko.hund@sophos.com>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: 1362670601-18660-1-git-send-email-heiko.hund@sophos.com
URL: http://article.gmane.org/gmane.network.openvpn.devel/7376
Signed-off-by: Gert Doering <gert@greenie.muc.de>
(cherry picked from commit 9f0fc745664fd0fc6a1c6785e101bf912088db16)

doc/openvpn.8		diff \| blob \| blame \| history
src/openvpn/init.c		diff \| blob \| blame \| history
src/openvpn/options.c		diff \| blob \| blame \| history
src/openvpn/options.h		diff \| blob \| blame \| history
src/openvpn/ssl_common.h		diff \| blob \| blame \| history
src/openvpn/ssl_verify.c		diff \| blob \| blame \| history
src/openvpn/ssl_verify.h		diff \| blob \| blame \| history