diff options
| author | Heiko Hund <heiko.hund@sophos.com> | 2012-02-04 12:56:24 +0000 |
|---|---|---|
| committer | David Sommerseth <davids@redhat.com> | 2012-02-04 14:50:50 +0100 |
| commit | 5e86fd93779482b90a191f929edebe414cd78a4f (patch) | |
| tree | 2bcc361091366cd0c0e1cbba0af5a7a869b747dd /ssl_verify_openssl.h | |
| parent | fc3ee19dee6c66e2325a24e864b5328128404e83 (diff) | |
| download | openvpn-5e86fd93779482b90a191f929edebe414cd78a4f.tar.gz openvpn-5e86fd93779482b90a191f929edebe414cd78a4f.tar.xz openvpn-5e86fd93779482b90a191f929edebe414cd78a4f.zip | |
UTF-8 X.509 distinguished names
The UTF-8 support that came with commit 2627335 does allow international
usernames and passwords. This patch introduces UTF-8 support for X.509 DNs.
Additionally, instead of using the legacy openssl format, DNs are now
displayed in RFC 2253 format; "/C=ru/L=\xD0\x9C\xD0\xBE\xD1\x81\xD0\xBA\xD0
\xB2\xD0\xB0/O=\xD0\x9A\xD1\x80\xD0\xB5\xD0\xBC\xD0\xBB\xD1\x8C/CN=kreml.ru"
becomes "C=ru, L=Москва, O=Кремль, CN=kreml.ru".
Since the specific character classes for X.509 names are removed, the
"no-name-remapping" configuration option has no use anymore and is removed
as well.
Signed-off-by: Heiko Hund <heiko.hund@sophos.com>
Acked-by: Adriaan de Jong <dejong@fox-it.com>
Acked-by: David Sommerseth <davids@redhat.com>
Signed-off-by: David Sommerseth <davids@redhat.com>
Diffstat (limited to 'ssl_verify_openssl.h')
| -rw-r--r-- | ssl_verify_openssl.h | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/ssl_verify_openssl.h b/ssl_verify_openssl.h index 4814d30..9c76d34 100644 --- a/ssl_verify_openssl.h +++ b/ssl_verify_openssl.h @@ -69,4 +69,6 @@ int verify_callback (int preverify_ok, X509_STORE_CTX * ctx); /** @} name Function for authenticating a new connection from a remote OpenVPN peer */ +char *_openssl_get_subject (X509 *cert, char *buf, int size); + #endif /* SSL_VERIFY_OPENSSL_H_ */ |