From d56dec67dd09c8dd088d699c896e3013b5cfb2ef Mon Sep 17 00:00:00 2001
From: james <james@e7ae566f-a301-0410-adde-c780ea21d3b5>
Date: Tue, 28 Oct 2008 05:42:02 +0000
Subject: Change to pkitool/openssl.cnf so that calling scripts can set the
 KEY_NAME environmental variable to set the "name" X509 subject field in
 generated certificates.

git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3460 e7ae566f-a301-0410-adde-c780ea21d3b5
---
 easy-rsa/2.0/openssl.cnf |  6 ++++++
 easy-rsa/2.0/pkitool     | 11 ++++++++++-
 2 files changed, 16 insertions(+), 1 deletion(-)

(limited to 'easy-rsa')

diff --git a/easy-rsa/2.0/openssl.cnf b/easy-rsa/2.0/openssl.cnf
index a781dda..3e4d3b3 100755
--- a/easy-rsa/2.0/openssl.cnf
+++ b/easy-rsa/2.0/openssl.cnf
@@ -74,6 +74,7 @@ stateOrProvinceName	= match
 organizationName	= match
 organizationalUnitName	= optional
 commonName		= supplied
+name			= optional
 emailAddress		= optional
 
 # For the 'anything' policy
@@ -86,6 +87,7 @@ localityName		= optional
 organizationName	= optional
 organizationalUnitName	= optional
 commonName		= supplied
+name			= optional
 emailAddress		= optional
 
 ####################################################################
@@ -137,6 +139,9 @@ organizationalUnitName		= Organizational Unit Name (eg, section)
 commonName			= Common Name (eg, your name or your server\'s hostname)
 commonName_max			= 64
 
+name				= Name
+name_max			= 64
+
 emailAddress			= Email Address
 emailAddress_default		= $ENV::KEY_EMAIL
 emailAddress_max		= 40
@@ -144,6 +149,7 @@ emailAddress_max		= 40
 # JY -- added for batch mode
 organizationalUnitName_default = $ENV::KEY_OU
 commonName_default = $ENV::KEY_CN
+name_default = $ENV::KEY_NAME
 
 # SET-ex3			= SET extension number 3
 
diff --git a/easy-rsa/2.0/pkitool b/easy-rsa/2.0/pkitool
index 56e485e..a18b1ae 100755
--- a/easy-rsa/2.0/pkitool
+++ b/easy-rsa/2.0/pkitool
@@ -27,6 +27,9 @@
 # Calling scripts can set the certificate organizational 
 # unit with the KEY_OU environmental variable. 
 
+# Calling scripts can also set the KEY_NAME environmental
+# variable to set the "name" X509 subject field.
+
 PROGNAME=pkitool
 VERSION=2.0
 DEBUG=0
@@ -237,6 +240,11 @@ if [ -z "$KEY_OU" ]; then
     KEY_OU=""
 fi
 
+# Set X509 Name string to empty string if undefined
+if [ -z "$KEY_NAME" ]; then
+    KEY_NAME=""
+fi
+
 # Set KEY_CN
 if [ $DO_ROOT -eq 1 ]; then
     if [ -z "$KEY_CN" ]; then
@@ -260,7 +268,7 @@ else
     fi
 fi
 
-export CA_EXPIRE KEY_EXPIRE KEY_OU KEY_CN PKCS11_MODULE_PATH PKCS11_PIN
+export CA_EXPIRE KEY_EXPIRE KEY_OU KEY_NAME KEY_CN PKCS11_MODULE_PATH PKCS11_PIN
 
 # Show parameters (debugging)
 if [ $DEBUG -eq 1 ]; then
@@ -277,6 +285,7 @@ if [ $DEBUG -eq 1 ]; then
     echo KEY_EXPIRE $KEY_EXPIRE
     echo CA_EXPIRE $CA_EXPIRE
     echo KEY_OU $KEY_OU
+    echo KEY_NAME $KEY_NAME
     echo DO_P11 $DO_P11
     echo PKCS11_MODULE_PATH $PKCS11_MODULE_PATH
     echo PKCS11_SLOT $PKCS11_SLOT
-- 
cgit