diff options
author | Adriaan de Jong <dejong@fox-it.com> | 2011-06-30 11:43:38 +0200 |
---|---|---|
committer | David Sommerseth <davids@redhat.com> | 2011-10-21 14:51:45 +0200 |
commit | dd4cdb9ee740527f32198ef27b9901e396e045be (patch) | |
tree | a84d64204427ccd208f1bd0a54316d4d348c40f3 /ssl_verify_backend.h | |
parent | 971790dae113e4665e1508ab17698047e7321c69 (diff) | |
download | openvpn-dd4cdb9ee740527f32198ef27b9901e396e045be.tar.gz openvpn-dd4cdb9ee740527f32198ef27b9901e396e045be.tar.xz openvpn-dd4cdb9ee740527f32198ef27b9901e396e045be.zip |
Added function to verify and extract the username
Signed-off-by: Adriaan de Jong <dejong@fox-it.com>
Acked-by: James Yonan <james@openvpn.net>
Signed-off-by: David Sommerseth <davids@redhat.com>
Diffstat (limited to 'ssl_verify_backend.h')
-rw-r--r-- | ssl_verify_backend.h | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/ssl_verify_backend.h b/ssl_verify_backend.h index 31b5210..82109c8 100644 --- a/ssl_verify_backend.h +++ b/ssl_verify_backend.h @@ -84,4 +84,20 @@ void cert_hash_remember (struct tls_session *session, const int cert_depth, */ bool verify_get_subject (char **subject, x509_cert_t *cert); +/* + * Retrieve the certificate's username from the specified field. + * + * If the field is prepended with ext: and ENABLE_X509ALTUSERNAME is enabled, + * it will be loaded from an X.509 extension + * + * @param cn Buffer to return the common name in. + * @param cn_len Length of the cn buffer. + * @param x509_username_field Name of the field to load from + * @param cert Certificate to retrieve the common name from. + * + * @return \c 1 on failure, \c 0 on success + */ +bool verify_get_username (char *common_name, int cn_len, + char * x509_username_field, X509 *peer_cert); + #endif /* SSL_VERIFY_BACKEND_H_ */ |