diff options
| author | james <james@e7ae566f-a301-0410-adde-c780ea21d3b5> | 2008-10-28 20:01:05 +0000 |
|---|---|---|
| committer | james <james@e7ae566f-a301-0410-adde-c780ea21d3b5> | 2008-10-28 20:01:05 +0000 |
| commit | 24ce3b27fb2c9fd53bd521e1dd524ad64e338e68 (patch) | |
| tree | 7c15fb7c5ba8a9f0ab1a7c1834d356e677efd458 /ssl.h | |
| parent | Change to pkitool/openssl.cnf so that calling scripts can (diff) | |
| download | openvpn-24ce3b27fb2c9fd53bd521e1dd524ad64e338e68.tar.xz | |
Added server-side --auth-user-pass-optional directive, to allow
connections by clients that do not specify a username/password, when a
user-defined authentication script/module is in place (via
--auth-user-pass-verify, --management-client-auth, or a plugin module).
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3461 e7ae566f-a301-0410-adde-c780ea21d3b5
Diffstat (limited to '')
| -rw-r--r-- | ssl.h | 7 |
1 files changed, 6 insertions, 1 deletions
@@ -456,7 +456,6 @@ struct tls_options const char *auth_user_pass_verify_script; bool auth_user_pass_verify_script_via_file; const char *tmp_dir; - bool username_as_common_name; /* use the client-config-dir as a positive authenticator */ const char *client_config_dir_exclusive; @@ -465,6 +464,12 @@ struct tls_options struct env_set *es; const struct plugin_list *plugins; + /* configuration file boolean options */ +# define SSLF_CLIENT_CERT_NOT_REQUIRED (1<<0) +# define SSLF_USERNAME_AS_COMMON_NAME (1<<1) +# define SSLF_AUTH_USER_PASS_OPTIONAL (1<<2) + unsigned int ssl_flags; + #ifdef MANAGEMENT_DEF_AUTH struct man_def_auth_context *mda_context; #endif |