summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* Refactored HMAC functionsAdriaan de Jong2011-10-194-50/+155
| | | | | | Signed-off-by: Adriaan de Jong <dejong@fox-it.com> Acked-by: David Sommerseth <davids@redhat.com> Signed-off-by: David Sommerseth <davids@redhat.com>
* Refactored message digest functionsAdriaan de Jong2011-10-197-73/+190
| | | | | | Signed-off-by: Adriaan de Jong <dejong@fox-it.com> Acked-by: David Sommerseth <davids@redhat.com> Signed-off-by: David Sommerseth <davids@redhat.com>
* Refactored message digest type functionsAdriaan de Jong2011-10-195-47/+103
| | | | | | Signed-off-by: Adriaan de Jong <dejong@fox-it.com> Acked-by: David Sommerseth <davids@redhat.com> Signed-off-by: David Sommerseth <davids@redhat.com>
* Refactored NTLM DES key generationAdriaan de Jong2011-10-193-8/+27
| | | | | | Signed-off-by: Adriaan de Jong <dejong@fox-it.com> Acked-by: David Sommerseth <davids@redhat.com> Signed-off-by: David Sommerseth <davids@redhat.com>
* Refactored DES key manipulation functionsAdriaan de Jong2011-10-195-82/+142
| | | | | | | Signed-off-by: Adriaan de Jong <dejong@fox-it.com> Acked-by: David Sommerseth <davids@redhat.com> Acked-by: James Yonan <james@openvpn.net> Signed-off-by: David Sommerseth <davids@redhat.com>
* Refactored crypto initialisation functionsAdriaan de Jong2011-10-196-162/+193
| | | | | | Signed-off-by: Adriaan de Jong <dejong@fox-it.com> Acked-by: David Sommerseth <davids@redhat.com> Signed-off-by: David Sommerseth <davids@redhat.com>
* Refactored SSL_clear_error()Adriaan de Jong2011-10-193-3/+11
| | | | | | Signed-off-by: Adriaan de Jong <dejong@fox-it.com> Acked-by: David Sommerseth <davids@redhat.com> Signed-off-by: David Sommerseth <davids@redhat.com>
* Refactored show_available_* functionsAdriaan de Jong2011-10-194-91/+127
| | | | | | Signed-off-by: Adriaan de Jong <dejong@fox-it.com> Acked-by: David Sommerseth <davids@redhat.com> Signed-off-by: David Sommerseth <davids@redhat.com>
* Refactored maximum cipher and hmac length constantsAdriaan de Jong2011-10-194-36/+46
| | | | | | Signed-off-by: Adriaan de Jong <dejong@fox-it.com> Acked-by: David Sommerseth <davids@redhat.com> Signed-off-by: David Sommerseth <davids@redhat.com>
* Refactored OpenSSL-specific constantsAdriaan de Jong2011-10-195-23/+42
| | | | | | | | [David S: Fixed a few whitespace errors before merging] Signed-off-by: Adriaan de Jong <dejong@fox-it.com> Acked-by: David Sommerseth <davids@redhat.com> Signed-off-by: David Sommerseth <davids@redhat.com>
* Refactored to rand_bytes for OpenSSL-independencyAdriaan de Jong2011-10-198-9/+166
| | | | | | Signed-off-by: Adriaan de Jong <dejong@fox-it.com> Acked-by: David Sommerseth <davids@redhat.com> Signed-off-by: David Sommerseth <davids@redhat.com>
* Changed configure to accept --with-ssl-type=opensslAdriaan de Jong2011-10-191-69/+84
| | | | | | Signed-off-by: Adriaan de Jong <dejong@fox-it.com> Acked-by: David Sommerseth <davids@redhat.com> Signed-off-by: David Sommerseth <davids@redhat.com>
* Move block for "stale-routes-check" config inside #ifdef P2MP_SERVER blockGert Doering2011-10-091-19/+19
| | | | | | | | | options->stale_routes_ageing_time etc. are not defined otherwise, and compilation fails. Signed-off-by: Gert Doering <gert@greenie.muc.de> Acked-by: Davide Guerri <d.guerri@caspur.it> Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
* New feauture: Add --stale-routes-checkDavide Guerri2011-09-305-0/+97
| | | | | | | | | | | | | | | | | | This patch adds a stale-routes-check option that takes 2 parameters: a ageing time (in seconds) and a check interval (in seconds). The latter defaults to the former if it's not present. Internally, a new "check" is added in multi_process_per_second_timers_dowork(). This check deletes stale routes and it is inspired to the function multi_reap_range(). We're running a very large connectivity infrastructure based on openVPN (more than 4000 different clients connected per day per server), so we can throughly check this patch (or, of course, any variant of it). Signed-off-by: Davide Guerri <d.guerri@caspur.it> Reviewed-by: David Sommerseth <davids@redhat.com> Acked-by: Adriaan de Jong <dejong@fox-it.com> Acked-by: Gert Doering <gert@greenie.muc.de> Signed-off-by: David Sommerseth <davids@redhat.com>
* Platform cleanup for NetBSDGert Doering2011-09-212-16/+72
| | | | | | | | | | | | | make TAP devices work (need to go via multiplex device /dev/tap) cleanup TUN devices at program end ("ifconfig tunX destroy") correctly setup TUN devices for "topology subnet" don't try to put TAP devices into TUNSIFHEAD mode (get rid of error message) Tested on NetBSD 5.1_STABLE / Sparc64 Signed-off-by: Gert Doering <gert@greenie.muc.de> Acked-by: David Sommerseth <davids@redhat.com> Signed-off-by: David Sommerseth <davids@redhat.com>
* fix ipv6 compilation under macosx >= 1070 - v3JuanJo Ciarlante2011-09-214-8/+19
| | | | | | | | | | | | | - use __APPLE_USE_RFC_3542 for macosx build environment >= 1070 - define SOL_IP from IPPROTO_IP if it's missing In Linux man 7 ip says: "Using SOL_IP socket options level isn't portable, BSD-based stacks use IPPROTO_IP level." Signed-off-by: JuanJo Ciarlante <jjo+ml@google.com> Tested-by: Eric F Crist <ecrist@secure-computing.net> Acked-by: David Sommerseth <davids@redhat.com> Signed-off-by: David Sommerseth <davids@redhat.com>
* Fixed compile issues on FreeBSD and SolarisDavid Sommerseth2011-09-211-9/+8
| | | | | | | | | | | | In commit 7fb0e07ec3f7c5f6514523085dbe struct route changed and this change was not fixed in all places in tun.c, which caused a compilation error. A few whitespace fixes is added as well. OSX needs to be fixed as well, but this will be done in a separate patch. Tested-by: Eric F Crist <ecrist@secure-computing.net> (FreeBSD) Acked-by: Gert Doering <gert@greenie.muc.de> Signed-off-by: David Sommerseth <davids@redhat.com>
* Fixed management interface bug where >FATAL notifications wereJames Yonan2011-09-051-5/+9
| | | | | | | | | | not being output properly because the management interface socket was being closed before the >FATAL notification could be transmitted. Version 2.1.14 git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@7587 e7ae566f-a301-0410-adde-c780ea21d3b5
* Minor fix to CC_PRINT char class -- treat DEL (ascii 127)James Yonan2011-09-011-1/+1
| | | | | | | | as a control char. Version 2.1.13. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@7581 e7ae566f-a301-0410-adde-c780ea21d3b5
* add --mark option to set SO_MARK sockoptHeiko Hund2011-08-316-0/+38
| | | | | | Signed-off-by: Heiko Hund <heiko.hund@sophos.com> Acked-by: David Sommerseth <davids@redhat.com> Signed-off-by: David Sommerseth <davids@redhat.com>
* define IN6_ARE_ADDR_EQUAL macro for WIN32Heiko Hund2011-08-311-0/+6
| | | | | | | | | Windows headers do not define the IN6_ARE_ADDR_EQUAL macro. It needs to be defined locally when building for WIN32. Signed-off-by: Heiko Hund <heiko.hund@sophos.com> Acked-by: Gert Doering <gert@greenie.muc.de> Signed-off-by: David Sommerseth <davids@redhat.com>
* lowercase include header name in syshead.hHeiko Hund2011-08-311-1/+1
| | | | | | | | | | | | | | | Cross compiling for Windows is broken since commit 739fa9881f12e67dc8b9cadc7230e59e7fe42423 added the mixed case header name "NtDDNdis.h" to the file. While this header exists in a MinGW build environment it's lowercase there. Windows doesn't mind the case of a file name, but Linux does. So, lowercasing the filename will make openvpn build in both worlds. Signed-off-by: Heiko Hund <heiko.hund@sophos.com> Acked-by: David Sommerseth <davids@redhat.com> Signed-off-by: David Sommerseth <davids@redhat.com>
* Fixed a typo in win32.h that prevented building with Visual StudioSamuli Seppänen2011-08-251-1/+1
| | | | | | | Signed-off-by: Samuli Seppänen <samuli@openvpn.net> Tested-by: Samuli Seppänen <samuli@openvpn.net> Acked-by: Gert Doering <gert@greenie.muc.de> Signed-off-by: David Sommerseth <davids@redhat.com>
* Additional Visual Studio 2008 build fixes to tun.cSamuli Seppänen2011-08-251-1/+2
| | | | | | | Tested-by: Samuli Seppänen <samuli@openvpn.net> Signed-off-by: Samuli Seppänen <samuli@openvpn.net> Acked-by: Gert Doering <gert@greenie.muc.de> Signed-off-by: David Sommerseth <davids@redhat.com>
* USE_PF_INET6 by default for v2.3JuanJo Ciarlante2011-08-2510-246/+33
| | | | | | | | | | | | | | | | | - put all #ifdef'd code in place, kill the cpp symbol, - thus in v2.3 it's not actually possible to --disable-ipv6 :) RATIONALE: #1 some wacky compilers choke on #ifdef'd constructions for concatenated strings, and given that: #2 v2.3 has already transport ipv6 by default => doesn't justify putting effort on #1 to keep USE_PF_INET6 ifdef wraps. Signed-off-by: JuanJo Ciarlante <jjo+ml@google.com> Signed-off-by: Samuli Seppänen <samuli@openvpn.net> Acked-by: David Sommerseth <davids@redhat.com> Signed-off-by: David Sommerseth <davids@redhat.com>
* Replace 32-bit-based add_in6_addr() implementation by an 8-bit based oneGert Doering2011-08-251-18/+16
| | | | | | | | | | Windows has no 32-bit accessor to the union inside "struct in6_addr", and the 8-bit accessor is the only common denominator across BSD, Solaris, Linux and Windows... Signed-off-by: Gert Doering <gert@greenie.muc.de> Acked-by: Samuli Seppänen <samuli@openvpn.net> Signed-off-by: David Sommerseth <davids@redhat.com>
* Fix a Visual Studio 2008 build issue in socket.cSamuli Seppänen2011-08-251-1/+2
| | | | | | | Signed-off-by: Gert Doering <gert@greenie.muc.de> Signed-off-by: Samuli Seppänen <samuli@openvpn.net> Acked-by: Gert Doering <gert@greenie.muc.de> Signed-off-by: David Sommerseth <davids@redhat.com>
* Fix a Visual Studio 2008 build error in options.cSamuli Seppanen2011-08-251-0/+1
| | | | | | | | | | Partially fixes Trac ticket #137 Signed-off-by: Gert Doering <gert@greenie.muc.de> Tested-by: Samuli Seppänen <samuli@openvpn.net> Signed-off-by: Samuli Seppänen <samuli@openvpn.net> Acked-by: David Sommerseth <davids@redhat.com> Signed-off-by: David Sommerseth <davids@redhat.com>
* Fix a Visual Studio 2008 build error in tun.cSamuli Seppanen2011-08-251-1/+1
| | | | | | | | | | Partially fixes ticket #137 Signed-off-by: Gert Doering <gert@greenie.muc.de> Tested-by: Samuli Seppänen <samuli@openvpn.net> Signed-off-by: Samuli Seppänen <samuli@openvpn.net> Acked-by: Gert Doering <gert@greenie.muc.de> Signed-off-by: David Sommerseth <davids@redhat.com>
* Fix Microsoft Visual Studio incompatibility in plugin.cDavid Sommerseth2011-08-251-10/+10
| | | | | | | | | | | MS Visual Studio don't like to have struct members named in the variable declaration. Without this fix, Visual Studio is not able to compile the new v3 plug-in API. Signed-off-by: David Sommerseth <davids@redhat.com> Tested-by: Samuli Seppänen <samuli@openvpn.net> Signed-off-by: Samuli Seppänen <samuli@openvpn.net> Acked-by: Gert Doering <gert@greenie.muc.de>
* Fixed a number of fatal build errors on Visual Studio 2008Samuli Seppänen2011-08-254-7/+13
| | | | | | | | | | Partially fixes ticket #137 Signed-off-by: Gert Doering <gert@greenie.muc.de> Signed-off-by: Samuli Seppänen <samuli@openvpn.net> Tested-by: Samuli Seppänen <samuli@openvpn.net> Acked-by: Gert Doering <gert@greenie.muc.de> Signed-off-by: David Sommerseth <davids@redhat.com>
* Skip rather than fail test in addressless FreeBSD jails.Matthias Andree2011-08-241-1/+1
| | | | | | Signed-off-by: Matthias Andree <matthias.andree@gmx.de> Acked-by: David Sommerseth <davids@redhat.com> Signed-off-by: David Sommerseth <davids@redhat.com>
* remove legacy code to query IE proxy informationHeiko Hund2011-08-244-176/+0
| | | | | | | | | The code in ieproxy.[ch] is not used anywhere in OpenVPN anymore. So, there's no need to keep it. Signed-off-by: Heiko Hund <heiko.hund@sophos.com> Acked-by: Gert Doering <gert@greenie.muc.de> Signed-off-by: David Sommerseth <davids@redhat.com>
* Merged TODO.IPv6 with TODO.ipv6 and README.IPv6 with README.ipv6Samuli Seppänen2011-08-244-116/+131
| | | | | | | | | | | Prior to this patch were two sets of IPv6 README/TODO files: one from payload and one from transport patchset. Unfortunately Git on Windows gets very confused of these files, as they only differ in case. This patch merges these sets into one. Signed-off-by: Samuli Seppänen <samuli@openvpn.net> Acked-by: David Sommerseth <davids@redhat.com> Signed-off-by: David Sommerseth <davids@redhat.com>
* remove function is_proto_tcp()Heiko Hund2011-08-242-7/+1
| | | | | | | | | | | The implementation of is_proto_tcp() was invalid since the IPv6 stuff got merged into master. There's proto_is_tcp() that does the same job right. Remove is_proto_tcp() and make its only caller use proto_is_tcp() instead. Signed-off-by: Heiko Hund <heiko.hund@sophos.com> Acked-By: Gert Doering <gert@greenie.muc.de> Signed-off-by: David Sommerseth <davids@redhat.com>
* add .gitignore to official repositoryHeiko Hund2011-08-241-0/+40
| | | | | | | | | | | This .gitignore make the output of git status a lot more readable. It was made from the dynamically generated files that showed after using both build system. Signed-off-by: Samuli Seppänen <samuli@openvpn.ne> Signed-off-by: Heiko Hund <heiko.hund@sophos.com> Acked-By: David Sommerseth <davids@redhat.com> Signed-off-by: David Sommerseth <davids@redhat.com>
* For all accesses to "struct route_list * rl", check first that rl is non-NULLGert Doering2011-08-242-7/+11
| | | | | | | | | In IPv4-only mode, this cannot happen, but if IPv6 is enabled and a servers pushes IPv6 routes and no IPv4 routes -> crash boom. Signed-off-by: Gert Doering <gert@greenie.muc.de> Acked-By: David Sommerseth <davids@redhat.com> Signed-off-by: David Sommerseth <davids@redhat.com>
* "status" management interface command (version >= 2) will nowJames Yonan2011-08-243-4/+20
| | | | | | | | | | | | | | include the username for each connected user. This should generally be backward compatible with existing management interface clients since the new username field is added to the CLIENT_LIST header as well. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@7539 e7ae566f-a301-0410-adde-c780ea21d3b5 Conflicts: multi.c - hash_iterator_init() takes only 2 arguments now. Signed-off-by: David Sommerseth <davids@redhat.com>
* CC_PRINT character class now allows any 8-bit character value >= 32.James Yonan2011-08-241-1/+1
| | | | | | | This is done to allow UTF-8 and restrict the use of control characters in usernames, passwords, common names, etc. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@7538 e7ae566f-a301-0410-adde-c780ea21d3b5
* Fixed issue where redirect-gateway block-local code was notJames Yonan2011-08-241-1/+1
| | | | | | | correctly calculating the two halves of the subnet if the gateway was in the upper half (Gert Doering). git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@7537 e7ae566f-a301-0410-adde-c780ea21d3b5
* Increased the --verb threshold for "PID_ERR replay" messagesJames Yonan2011-08-241-2/+2
| | | | | | | | to 4 from 3. Version 2.1.10 git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@7522 e7ae566f-a301-0410-adde-c780ea21d3b5
* Changed CC_PRINT character class to allow UTF-8 chars.James Yonan2011-08-242-2/+2
| | | | | | | | This allows usernames, common names, etc. to be UTF-8. Version 2.1.9 git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@7518 e7ae566f-a301-0410-adde-c780ea21d3b5
* Modified sanitize_control_message to remove redacted data fromJames Yonan2011-08-241-17/+29
| | | | | | | | control string rather than blotting it out with "_" chars. Version 2.1.8 git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@7482 e7ae566f-a301-0410-adde-c780ea21d3b5
* Redact "echo" directive strings from log, sinceJames Yonan2011-08-242-0/+9
| | | | | | | | | these strings (going forward) could conceivably contain security-sensitive data. Version 2.1.7 git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@7480 e7ae566f-a301-0410-adde-c780ea21d3b5
* Merge branch 'svn-merger'David Sommerseth2011-08-2418-708/+1366
|\
| * Merge remote branch SVN 2.1 into the git treeDavid Sommerseth2011-08-1918-708/+1366
| |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Hopefully the last SVN merge we need to do, as these merges are getting more and more difficult. Most of the files had minor changes, but due to the CRLF unification patch (commit 6b2883a637fe73492) we got an increased number of conflicts. In addition inclusion of IPv6 support makes the creates a lot of merge issues in route.c and socket.c This merge also reverts commit 7c18c6353904f8c6e7 which merged add_bypass_address() into add_host_route_if_nonlocal(). However the SVN tree began to use add_bypass_address() another place, where at first glance it did not be appropriate to use add_host_route_if_nonlocal(). This merge has gone through a 'make check' without any errors, but have not been tested more thoroughly yet. Conflicts: ChangeLog INSTALL INSTALL-win32.txt Makefile.am acinclude.m4 base64.c buffer.c buffer.h common.h configure.ac contrib/pull-resolv-conf/client.down contrib/pull-resolv-conf/client.up crypto.c cryptoapi.c easy-rsa/2.0/Makefile easy-rsa/2.0/README easy-rsa/2.0/build-ca easy-rsa/2.0/build-dh easy-rsa/2.0/build-inter easy-rsa/2.0/build-key easy-rsa/2.0/build-key-pass easy-rsa/2.0/build-key-pkcs12 easy-rsa/2.0/build-key-server easy-rsa/2.0/build-req easy-rsa/2.0/build-req-pass easy-rsa/2.0/clean-all easy-rsa/2.0/inherit-inter easy-rsa/2.0/list-crl easy-rsa/2.0/pkitool easy-rsa/2.0/revoke-full easy-rsa/2.0/sign-req easy-rsa/2.0/vars easy-rsa/2.0/whichopensslcnf easy-rsa/Windows/build-ca-pass.bat easy-rsa/Windows/build-key-pass.bat easy-rsa/Windows/build-key-server-pass.bat easy-rsa/Windows/init-config.bat easy-rsa/Windows/vars.bat.sample error.c error.h forward.c helper.c httpdigest.c httpdigest.h ieproxy.c init.c init.h install-win32/Makefile.am install-win32/makeopenvpn install-win32/openssl/openssl097.patch install-win32/openssl/openssl098.patch install-win32/openvpn.nsi list.c list.h manage.c manage.h management/management-notes.txt mbuf.c mbuf.h misc.c misc.h mroute.c mroute.h msvc/autodefs.h.in msvc/config.py msvc/msvc.mak mtcp.c mudp.c multi.c multi.h occ.c openvpn-plugin.h openvpn.8 openvpn.h options.c options.h otime.c otime.h perf.c pf.c ping.c pkcs11.c plugin.c plugin.h plugin/auth-pam/README plugin/auth-pam/auth-pam.c pool.c pool.h proto.h proxy.c ps.c push.c reliable.c route.c route.h sample-config-files/firewall.sh sample-scripts/bridge-start sample-scripts/bridge-stop sample-scripts/openvpn.init sample-scripts/verify-cn schedule.c schedule.h service-win32/openvpnserv.c sig.c socket.c socket.h socks.c socks.h ssl.c ssl.h status.c syshead.h tap-win32/SOURCES.in tap-win32/common.h tap-win32/proto.h tap-win32/tapdrvr.c tap-win32/types.h tun.c tun.h version.m4 win/autodefs.h.in win/build.py win/build_all.py win/build_ddk.py win/build_exe.py win/config.py win/config_all.py win/config_tap.py win/config_ti.py win/js.py win/make_dist.py win/msvc.mak.in win/settings.in win/show.py win/sign.py win/tap_span.py win/wb.py win32.c win32.h Signed-off-by: David Sommerseth <davids@redhat.com> Reviewed-by: Gert Doering <gert@greenie.muc.de> Reviewed-by: James Yonan <james@openvpn.net> Reviewed-by: Adriaan de Jong <dejong@fox-it.com>
| | * Fixed MSVC compile error related to r7408.James Yonan2011-07-062-3/+2
| | | | | | | | | | | | | | | | | | | | | Version 2.1.6. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@7419 e7ae566f-a301-0410-adde-c780ea21d3b5
| | * Version 2.1.5.James Yonan2011-07-052-2/+2
| | | | | | | | | | | | git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@7412 e7ae566f-a301-0410-adde-c780ea21d3b5
| | * Added "management-query-remote" directive (client) to allowJames Yonan2011-07-059-12/+242
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | the management interface to override the "remote" directive. See "remote" command in management/management-notes.txt for documentation. Version 2.1.4. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@7410 e7ae566f-a301-0410-adde-c780ea21d3b5
| | * Extended x509-track to allow SHA1 certificate hash to be extracted,James Yonan2011-07-042-41/+63
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | e.g.: x509-track "+SHA1" will extract the SHA1 certificate hash for all certs in the client chain. Version 2.1.3z git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@7408 e7ae566f-a301-0410-adde-c780ea21d3b5
generated by cgit (git 2.34.1) at 2025-09-29 15:25:31 +0000