Added --x509-track option.

Version 2.1.3e


git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@6780 e7ae566f-a301-0410-adde-c780ea21d3b5

1 files changed, 9 insertions, 0 deletions

diff --git a/options.c b/options.c
index 95b6254..2ba18ec 100644
--- a/options.c
+++ b/options.c
@@ -540,6 +540,8 @@ static const char usage_message[] =
   "                  of verification.\n"
   "--ns-cert-type t: Require that peer certificate was signed with an explicit\n"
   "                  nsCertType designation t = 'client' | 'server'.\n"
+  "--x509-track x  : Save peer X509 attribute x in environment for use by\n"
+  "                  plugins and management interface.\n"
 #if OPENSSL_VERSION_NUMBER >= 0x00907000L
   "--remote-cert-ku v ... : Require that the peer certificate was signed with\n"
   "                  explicit key usage, you can specify more than one value.\n"
@@ -3651,6 +3653,13 @@ add_option (struct options *options,
       options->management_flags |= MF_CLIENT_AUTH;
     }
 #endif
+#ifdef ENABLE_X509_TRACK
+  else if (streq (p[0], "x509-track") && p[1])
+    {
+      VERIFY_PERMISSION (OPT_P_GENERAL);
+      x509_track_add (&options->x509_track, p[1], msglevel, &options->gc);
+    }
+#endif
 #ifdef MANAGEMENT_PF
   else if (streq (p[0], "management-client-pf"))
     {