diff options
author | Adriaan de Jong <dejong@fox-it.com> | 2011-06-30 14:15:40 +0200 |
---|---|---|
committer | David Sommerseth <davids@redhat.com> | 2011-10-22 11:32:40 +0200 |
commit | 75c67073ed5d35b0efcd2a99492cf34339da08fb (patch) | |
tree | deb4f2137dd918ae06a50bf1e89f94690526eb3a /ssl.c | |
parent | a4c926bb5939d95d9e7c0dfd4b83e61a11f86c90 (diff) | |
download | openvpn-75c67073ed5d35b0efcd2a99492cf34339da08fb.tar.gz openvpn-75c67073ed5d35b0efcd2a99492cf34339da08fb.tar.xz openvpn-75c67073ed5d35b0efcd2a99492cf34339da08fb.zip |
Refactored tls-verify-plugin code
Signed-off-by: Adriaan de Jong <dejong@fox-it.com>
Acked-by: James Yonan <james@openvpn.net>
Signed-off-by: David Sommerseth <davids@redhat.com>
Diffstat (limited to 'ssl.c')
-rw-r--r-- | ssl.c | 26 |
1 files changed, 3 insertions, 23 deletions
@@ -431,29 +431,9 @@ verify_cert(struct tls_session *session, x509_cert_t *cert, int cert_depth) if (cert_depth == 0 && verify_peer_cert(opt, cert, subject, common_name)) goto err; - /* call --tls-verify plug-in(s) */ - if (plugin_defined (opt->plugins, OPENVPN_PLUGIN_TLS_VERIFY)) - { - int ret; - - argv_printf (&argv, "%d %s", - cert_depth, - subject); - - ret = plugin_call (opt->plugins, OPENVPN_PLUGIN_TLS_VERIFY, &argv, NULL, opt->es, cert_depth, cert); - - if (ret == OPENVPN_PLUGIN_FUNC_SUCCESS) - { - msg (D_HANDSHAKE, "VERIFY PLUGIN OK: depth=%d, %s", - cert_depth, subject); - } - else - { - msg (D_HANDSHAKE, "VERIFY PLUGIN ERROR: depth=%d, %s", - cert_depth, subject); - goto err; /* Reject connection */ - } - } + /* call --tls-verify plug-in(s), if registered */ + if (verify_cert_call_plugin(opt->plugins, opt->es, cert_depth, cert, subject)) + goto err; /* run --tls-verify script */ if (opt->verify_command) |