aboutsummaryrefslogtreecommitdiff
path: root/ssl.h
diff options
context:
space:
mode:
authorjames <james@e7ae566f-a301-0410-adde-c780ea21d3b5>2008-10-28 20:01:05 +0000
committerjames <james@e7ae566f-a301-0410-adde-c780ea21d3b5>2008-10-28 20:01:05 +0000
commit24ce3b27fb2c9fd53bd521e1dd524ad64e338e68 (patch)
tree7c15fb7c5ba8a9f0ab1a7c1834d356e677efd458 /ssl.h
parentChange to pkitool/openssl.cnf so that calling scripts can (diff)
downloadopenvpn-24ce3b27fb2c9fd53bd521e1dd524ad64e338e68.tar.xz
Added server-side --auth-user-pass-optional directive, to allow
connections by clients that do not specify a username/password, when a user-defined authentication script/module is in place (via --auth-user-pass-verify, --management-client-auth, or a plugin module). git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3461 e7ae566f-a301-0410-adde-c780ea21d3b5
Diffstat (limited to '')
-rw-r--r--ssl.h7
1 files changed, 6 insertions, 1 deletions
diff --git a/ssl.h b/ssl.h
index f3bae32..6921cf3 100644
--- a/ssl.h
+++ b/ssl.h
@@ -456,7 +456,6 @@ struct tls_options
const char *auth_user_pass_verify_script;
bool auth_user_pass_verify_script_via_file;
const char *tmp_dir;
- bool username_as_common_name;
/* use the client-config-dir as a positive authenticator */
const char *client_config_dir_exclusive;
@@ -465,6 +464,12 @@ struct tls_options
struct env_set *es;
const struct plugin_list *plugins;
+ /* configuration file boolean options */
+# define SSLF_CLIENT_CERT_NOT_REQUIRED (1<<0)
+# define SSLF_USERNAME_AS_COMMON_NAME (1<<1)
+# define SSLF_AUTH_USER_PASS_OPTIONAL (1<<2)
+ unsigned int ssl_flags;
+
#ifdef MANAGEMENT_DEF_AUTH
struct man_def_auth_context *mda_context;
#endif