Hi Gert. I think the solution to my problem is for me to use a client-connect script to handle the quirks of my particular use case without requiring anything from the openvpn code. I can get the Common Name in the script and then search for the file with my naming convention as needed or return an error if none is found. This way I can keep the functionality of ccd-exclusive and compat-names while not requiring any name munging within openvpn itself.
I agree that maintaining code paths for all the possible scenarios is not desirable and you already provide a great way for me to extend your code with the script hooks that have been in place for years. Thanks for your quick response and for making a great piece of software! Tom On 23/10/14 03:10 PM, Gert Doering wrote: > Hi, > > On Thu, Oct 23, 2014 at 11:06:27AM -0400, Tom Parker wrote: >> We have recently upgrades to openvpn 2.3 and this name remapping has >> been removed. I appreciate that for lots of things not changing the >> Common Name at all is the correct behaviour but i'm wondering if there >> is a flag that can be set to retain the behaviour for ccd files. >> >> With the current version compat-names still works but it has been >> deprecated and will be removed according to the docs in the source code. >> >> I would rather not have spaces in my file names as that makes all kinds >> of other scripts more difficult to manage. Sadly, regenerating all the >> certificate common names will not be a trivial task either. >> >> Is there a plan to maintain backwards compatability with ccd files that >> have spaces mapped to underscores? > Well, such questions really should be discussed on the openvpn-devel > mailing list (as not all developers read here, and if we try to search > something in the archives, we won't do it on the -user list...). > > We always strive to get rid of code that "is no longer needed" or > "should not be needed", and this is one of these code paths, which is > why we planned to remove it (and, well, compat-names really breaks > things for users with non-ASCII user names, because all of a sudden, > all users are named "_______"...) > > I see your point about the ccd file names, but I worry that if we > change that *again* (= always change spaces to underscores, but do > no other name remapping) we might break people's configs *again* for > those who have converted to "User Name" format already... > > Anyway. I think we'd discuss a patch very thoroughly that would do > this, and not reject it right away :-) (but over there in the -devel > list). > > gert > ------------------------------------------------------------------------------ _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
