Add extv3 X509 field support to --x509-username-field

This allows using other X509 certificate fields for the certificate authentication. To use altSubjectName, use --x509-username-field ext:altSubjectName This feature requires OpenVPN to be built with --enable-x509-alt-username This patch is slightly modified, to honour --enable-x509-alt-username compile time configuration. Two #ifdef's are added. Signed-off-by: Markus Koetter <koetter@rrzn-hiwi.uni-hannover.de> Signed-off-by: David Sommerseth <davids@redhat.com> Acked-by: David Sommerseth <davids@redhat.com> Signed-off-by: David Sommerseth <davids@redhat.com>
author: Markus Koetter <koetter@rrzn-hiwi.uni-hannover.de> 2010-12-10 20:30:09 +0100
committer: David Sommerseth <davids@redhat.com> 2011-03-25 09:05:18 +0100
commit: 3fa86d237721ca113fa020b7e888a1e10374a560 (patch)
tree: 86cdf43dede61fb83e742207c34cc6e9fc02a081 /options.c
parent: Preparing for the v2.2-RC2 release (diff)
download: openvpn-3fa86d237721ca113fa020b7e888a1e10374a560.tar.xz
1 files changed, 2 insertions, 1 deletions
diff --git a/options.c b/options.c
index f4eeaee..4c28a8f 100644
--- a/options.c
+++ b/options.c
@@ -5907,7 +5907,8 @@ add_option (struct options *options,
     {
       char *s = p[1];
       VERIFY_PERMISSION (OPT_P_GENERAL);
-      while ((*s = toupper(*s)) != '\0') s++; /* Uppercase if necessary */
+      if( strncmp ("ext:",s,4) != 0 )
+        while ((*s = toupper(*s)) != '\0') s++; /* Uppercase if necessary */
       options->x509_username_field = p[1];
     }
 #endif /* ENABLE_X509ALTUSERNAME */
author	Markus Koetter <koetter@rrzn-hiwi.uni-hannover.de>	2010-12-10 20:30:09 +0100
committer	David Sommerseth <davids@redhat.com>	2011-03-25 09:05:18 +0100
commit	3fa86d237721ca113fa020b7e888a1e10374a560 (patch)
tree	86cdf43dede61fb83e742207c34cc6e9fc02a081 /options.c
parent	Preparing for the v2.2-RC2 release (diff)
download	openvpn-3fa86d237721ca113fa020b7e888a1e10374a560.tar.xz