diff options
author | james <james@e7ae566f-a301-0410-adde-c780ea21d3b5> | 2008-02-17 08:21:28 +0000 |
---|---|---|
committer | james <james@e7ae566f-a301-0410-adde-c780ea21d3b5> | 2008-02-17 08:21:28 +0000 |
commit | 522fccc3f07cb80b1a7719eefe26befbe067c7c6 (patch) | |
tree | 5d66803931b1bf80fcfec68086d227c9dddf7986 /ssl.c | |
parent | Cleanup IP address for persistence interfaces for tap and also using (diff) | |
download | openvpn-522fccc3f07cb80b1a7719eefe26befbe067c7c6.tar.xz |
The new function extract_x509_field_ssl tends to break
in early versions of OpenSSL 0.9.6. Now we will fall
back to the old function extract_x509_field for OpenSSL
0.9.6.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2749 e7ae566f-a301-0410-adde-c780ea21d3b5
Diffstat (limited to 'ssl.c')
-rw-r--r-- | ssl.c | 12 |
1 files changed, 11 insertions, 1 deletions
@@ -344,6 +344,8 @@ tmp_rsa_cb (SSL * s, int is_export, int keylength) return (rsa_tmp); } +#ifdef USE_OLD_EXTRACT_X509_FIELD + /* * Extract a field from an X509 subject name. * @@ -378,6 +380,8 @@ extract_x509_field (const char *x509, const char *field_name, char *out, int siz } } +#else + /* * Extract a field from an X509 subject name. * @@ -423,6 +427,8 @@ extract_x509_field_ssl (X509_NAME *x509, const char *field_name, char *out, int OPENSSL_free(buf); } +#endif + static void setenv_untrusted (struct tls_session *session) { @@ -583,8 +589,12 @@ verify_callback (int preverify_ok, X509_STORE_CTX * ctx) string_mod (subject, X509_NAME_CHAR_CLASS, 0, '_'); /* extract the common name */ +#ifdef USE_OLD_EXTRACT_X509_FIELD + extract_x509_field (subject, "CN", common_name, TLS_CN_LEN); +#else extract_x509_field_ssl (X509_get_subject_name (ctx->current_cert), "CN", common_name, TLS_CN_LEN); - //extract_x509_field (subject, "CN", common_name, TLS_CN_LEN); +#endif + string_mod (common_name, COMMON_NAME_CHAR_CLASS, 0, '_'); #if 0 /* print some debugging info */ |