aboutsummaryrefslogtreecommitdiff
path: root/ssl.h
diff options
context:
space:
mode:
authorjames <james@e7ae566f-a301-0410-adde-c780ea21d3b5>2009-10-24 01:08:30 +0000
committerjames <james@e7ae566f-a301-0410-adde-c780ea21d3b5>2009-10-24 01:08:30 +0000
commit71b557ba9d2f29f667bda60870993b83aa8d21a8 (patch)
treedf12700d8c371b8159e39232c7f7de7c4d1dc99e /ssl.h
parentAdded "setenv GENERIC_CONFIG" directive, for generic configs (diff)
downloadopenvpn-71b557ba9d2f29f667bda60870993b83aa8d21a8.tar.xz
On server, lock session username against changes in mid-session TLS
renegotiations -- this is similer to how the common name is also locked. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@5098 e7ae566f-a301-0410-adde-c780ea21d3b5
Diffstat (limited to 'ssl.h')
-rw-r--r--ssl.h3
1 files changed, 2 insertions, 1 deletions
diff --git a/ssl.h b/ssl.h
index 06cd246..7e0bfb5 100644
--- a/ssl.h
+++ b/ssl.h
@@ -589,9 +589,10 @@ struct tls_multi
int n_soft_errors; /* errors due to unrecognized or failed-to-authenticate incoming packets */
/*
- * Our locked common name (cannot change during the life of this tls_multi object)
+ * Our locked common name and username (cannot change during the life of this tls_multi object)
*/
char *locked_cn;
+ char *locked_username;
#ifdef ENABLE_DEF_AUTH
/*