]> git.ipfire.org Git - thirdparty/openvpn.git/commit
projects / thirdparty / openvpn.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b60d2bb) | patch
Use USER_PASS_LEN instead of TLS_USERNAME_LEN for override-username
authorArne Schwabe <arne@rfc2549.org>
Wed, 2 Apr 2025 13:45:39 +0000 (15:45 +0200)
committerGert Doering <gert@greenie.muc.de>
Wed, 9 Apr 2025 09:26:24 +0000 (11:26 +0200)
commitbb8f2e373cf5d6c4d4320694ddd14bb61d5756b3
treed4eb18fa0259df7f8057001719eaede9e3406cddtree
parentb60d2bb98c77d5836b7e3e2d21eeeb17aa55d3f2commit | diff
Use USER_PASS_LEN instead of TLS_USERNAME_LEN for override-username

Currently override-username is artificially restricted to the length of
TLS common-name (64) for the corner case of using username-as-common-name,
which we explicitly do not recommend to use.

Do away with that limitation and only error out on longer usernames when
username-as-common-name is actually in effect.

Change-Id: I1c2c050dd160746a0f8d9c234abe1e258bc8e48d
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20250402134546.3504-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg31323.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
src/openvpn/multi.c diff | blob | blame | history
src/openvpn/options.c diff | blob | blame | history
src/openvpn/ssl_verify.c diff | blob | blame | history
src/openvpn/ssl_verify.h diff | blob | blame | history
Mirror of https://github.com/OpenVPN/openvpn.git