Re: [Openvpn-devel] [PATCH] Choose a different field in X509 to be username

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 17/06/10 16:51, Emilien Mantel wrote: > 1) Done > > 2) Done > > 3) "sizeof(common_name)" is useless... Line 745: char > common_name[TLS_USERNAME_LEN]; we can use directly TLS_USERNAME_LEN. Thanks a lot for the patch and all rework done. (Also: t

[Openvpn-devel] How to get destination IP address in UDP mode

Hi, my company using openvpn and we have more than 10 IP addresses on interface cards. And we accepting connections on all this interfaces. But we need to have statistics how much connections we have on IP address. In case of "local 0.0.0.0" I'm getting on connection string $local_1 "0.0.0.0"

Re: [Openvpn-devel] [PATCH] Choose a different field in X509 to be username

Le 17/06/2010 17:21, Alon Bar-Lev a écrit : On Thu, Jun 17, 2010 at 5:51 PM, Emilien Mantel wrote: 1) Done 2) Done 3) "sizeof(common_name)" is useless... Line 745: char common_name[TLS_USERNAME_LEN]; we can use directly TLS_USERNAME_LEN. Usually sizeof(XXX) should be used so if XX

Re: [Openvpn-devel] [PATCH] Choose a different field in X509 to be username

On Thu, Jun 17, 2010 at 5:51 PM, Emilien Mantel wrote: > 1) Done > > 2) Done > > 3) "sizeof(common_name)" is useless... Line 745: char > common_name[TLS_USERNAME_LEN]; we can use directly TLS_USERNAME_LEN. Usually sizeof(XXX) should be used so if XXX is modified there is no overrun (Single point

Re: [Openvpn-devel] [PATCH] Choose a different field in X509 to be username

1) Done 2) Done 3) "sizeof(common_name)" is useless... Line 745: char common_name[TLS_USERNAME_LEN]; we can use directly TLS_USERNAME_LEN. 4) I note "common_name" is used everwhere in OpenVPN code... I can rename it with a big sed :) But substitute all "common_name" is very heavy : emilienm

Re: [Openvpn-devel] [PATCH] Choose a different field in X509 to be username

Great. Few more: 1. To upper: char *s = p[1]; while ((*s = toupper(*s)) != '\0') s++; 2. Remove compound {} at this place, move the char *s before the VERIFY_PERMISSION. 3. I think: """ extract_x509_field_ssl (X509_get_subject_name (ctx->current_cert), x509_username_field, common_name, TLS_USERNA

Re: [Openvpn-devel] [PATCH] Choose a different field in X509 to be username

I added toupper() + #include in options.c See attached. -- Emilien Mantel Le 17/06/2010 14:02, Alon Bar-Lev a écrit : This is good idea. In order to upper case toupper() should be used and not manual guessing. + else if (streq (p[0], "x509-username-field")&& p[1]) +{ + VERIFY_PER

Re: [Openvpn-devel] [PATCH] Choose a different field in X509 to be username

This is good idea. In order to upper case toupper() should be used and not manual guessing. + else if (streq (p[0], "x509-username-field") && p[1]) +{ + VERIFY_PERMISSION (OPT_P_GENERAL); + /* Uppercase if necessary */ + { + char *s = p[1]; + int c, flag = 0; + +

[Openvpn-devel] Topics for today's meeting

Hi, Here are some topics for today's meeting (18:00 UTC, #openvpn-de...@irc.freenode.net). The topic list is still a little short, so please don't hesitate to suggest more topics. You can send the topics directly to me, to this list

Re: [Openvpn-devel] [PATCH] Choose a different field in X509 to be username

> Hi, > > For my company, we use a PKI (linked to a LDAP) with OpenVPN. We can't > use "CN" to be username (few people can have the same "CN"). In our > case, we only use the UID. > > With my patch, you can choose another field to be username with a new > option called "x509-username-field", the d

Re: [Openvpn-devel] [Openvpn-users] FW: Patch submission - git crash course ?

Samuli Seppänen wrote: > git clone > # do your changes > # then git to create and mail a patch to -devel chantra wrote: > # do changes > $ git diff > my_patch Please make sure to always create commits in your repo before sending a patch. Once you have made a commit it is easy to generate a pat

[Openvpn-devel] [PATCH] Choose a different field in X509 to be username

Hi, For my company, we use a PKI (linked to a LDAP) with OpenVPN. We can't use "CN" to be username (few people can have the same "CN"). In our case, we only use the UID. With my patch, you can choose another field to be username with a new option called "x509-username-field", the default val