aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorjames <james@e7ae566f-a301-0410-adde-c780ea21d3b5>2008-10-28 20:24:46 +0000
committerjames <james@e7ae566f-a301-0410-adde-c780ea21d3b5>2008-10-28 20:24:46 +0000
commitfd81c006213ed9d65473c1194b3446088158297e (patch)
tree9e5b7c0fb4da4d1259f4f378fc7cd3424cf26d91
parentAdded server-side --auth-user-pass-optional directive, to allow (diff)
downloadopenvpn-fd81c006213ed9d65473c1194b3446088158297e.tar.xz
Added man page entry for new environmental variable set
X509_{n}_{subject_field}. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3462 e7ae566f-a301-0410-adde-c780ea21d3b5
-rw-r--r--openvpn.837
1 files changed, 37 insertions, 0 deletions
diff --git a/openvpn.8 b/openvpn.8
index 1b81077..b91dc7b 100644
--- a/openvpn.8
+++ b/openvpn.8
@@ -5468,6 +5468,43 @@ script execution only when the
.B via-env
modifier is specified.
.\"*********************************************************
+.TP
+.B X509_{n}_{subject_field}
+An X509 subject field from the remote peer certificate,
+where
+.B n
+is the verification level. Only set for TLS connections. Set prior
+to execution of
+.B --tls-verify
+script. This variable is similar to
+.B tls_id_{n}
+except the component X509 subject fields are broken out, and
+no string remapping occurs on these field values (except for remapping
+of control characters to "_").
+For example, the following variables would be set on the
+OpenVPN server using the sample client certificate
+in sample-keys (client.crt).
+Note that the verification level is 0 for the client certificate
+and 1 for the CA certificate.
+.RS
+.ft 3
+.nf
+.sp
+X509_0_emailAddress=me@myhost.mydomain
+X509_0_CN=Test-Client
+X509_0_O=OpenVPN-TEST
+X509_0_ST=NA
+X509_0_C=KG
+X509_1_emailAddress=me@myhost.mydomain
+X509_1_O=OpenVPN-TEST
+X509_1_L=BISHKEK
+X509_1_ST=NA
+X509_1_C=KG
+.ft
+.LP
+.RE
+.fi
+.\"*********************************************************
.SH SIGNALS
.TP
.B SIGHUP