diff options
| author | Steffan Karger <steffan@karger.me> | 2014-04-27 10:49:20 +0200 |
|---|---|---|
| committer | Gert Doering <gert@greenie.muc.de> | 2014-04-27 14:44:22 +0200 |
| commit | f80a52b09eed8e5e0cad990c56ec99256d6cc2d0 (patch) | |
| tree | b0bda1993d1a023562738c959c1ff845f8cf109f /src/openvpn/ssl_verify_backend.h | |
| parent | 6ea78cbef6367590567156a20106c620fec224c9 (diff) | |
| download | openvpn-f80a52b09eed8e5e0cad990c56ec99256d6cc2d0.tar.gz openvpn-f80a52b09eed8e5e0cad990c56ec99256d6cc2d0.tar.xz openvpn-f80a52b09eed8e5e0cad990c56ec99256d6cc2d0.zip | |
Make serial env exporting consistent amongst OpenSSL and PolarSSL builds.
This changes the representation of the tls_serial_{n} environment variable
from hex to decimal for PolarSSL builds, to match OpenSSL build behaviour.
Because hex representation for serials makes sense too, and to ease
transition for PolarSSL users, added tls_serial_hex_{n} that exports the
serial in hex represenation for both crypto library backends.
Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1398588561-18964-1-git-send-email-steffan@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/8649
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Diffstat (limited to 'src/openvpn/ssl_verify_backend.h')
| -rw-r--r-- | src/openvpn/ssl_verify_backend.h | 19 |
1 files changed, 17 insertions, 2 deletions
diff --git a/src/openvpn/ssl_verify_backend.h b/src/openvpn/ssl_verify_backend.h index fa4369d..4e9ad60 100644 --- a/src/openvpn/ssl_verify_backend.h +++ b/src/openvpn/ssl_verify_backend.h @@ -113,18 +113,33 @@ result_t backend_x509_get_username (char *common_name, int cn_len, char * x509_username_field, openvpn_x509_cert_t *peer_cert); /* - * Return the certificate's serial number. + * Return the certificate's serial number in decimal string representation. * * The serial number is returned as a string, since it might be a bignum. * * @param cert Certificate to retrieve the serial number from. * @param gc Garbage collection arena to use when allocating string. * - * @return The certificate's serial number. + * @return String representation of the certificate's serial number + * in decimal notation, or NULL on error. */ char *backend_x509_get_serial (openvpn_x509_cert_t *cert, struct gc_arena *gc); /* + * Return the certificate's serial number in hex string representation. + * + * The serial number is returned as a string, since it might be a bignum. + * + * @param cert Certificate to retrieve the serial number from. + * @param gc Garbage collection arena to use when allocating string. + * + * @return String representation of the certificate's serial number + * in hex notation, or NULL on error. + */ +char *backend_x509_get_serial_hex (openvpn_x509_cert_t *cert, + struct gc_arena *gc); + +/* * Save X509 fields to environment, using the naming convention: * * X509_{cert_depth}_{name}={value} |