From 14566e4374229c39db96d60a88ffecc17273efa3 Mon Sep 17 00:00:00 2001
From: David Sommerseth <davids@redhat.com>
Date: Fri, 7 Jun 2013 12:15:23 +0200
Subject: Remove the --disable-eurephia configure option

This "feature" has been enabled since OpenVPN 2.2 without any reports that
this has been causing issues.  All it does is to add an extra environment
variable 'tls_digest_{n}' with the certificate SHA1 fingerprint/digest
hash.

Lets just simplify things by removing the possibility to disable this
environment variable.

Signed-off-by: David Sommerseth <davids@redhat.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1370600123-6029-1-git-send-email-dazo@users.sourceforge.net>
URL: http://article.gmane.org/gmane.network.openvpn.devel/7660
Signed-off-by: Gert Doering <gert@greenie.muc.de>
(cherry picked from commit e3d388652f59fd2ddd9c7f470f7ef62ee6b35595)
---
 src/openvpn/options.c    | 7 +------
 src/openvpn/ssl.c        | 5 +----
 src/openvpn/ssl_verify.c | 2 --
 3 files changed, 2 insertions(+), 12 deletions(-)

(limited to 'src')

diff --git a/src/openvpn/options.c b/src/openvpn/options.c
index 23af272..82ed902 100644
--- a/src/openvpn/options.c
+++ b/src/openvpn/options.c
@@ -6,9 +6,7 @@
  *             packet compression.
  *
  *  Copyright (C) 2002-2010 OpenVPN Technologies, Inc. <sales@openvpn.net>
- *
- *  Additions for eurephia plugin done by:
- *         David Sommerseth <dazo@users.sourceforge.net> Copyright (C) 2009
+ *  Copyright (C) 2008-2013 David Sommerseth <dazo@users.sourceforge.net>
  *
  *  This program is free software; you can redistribute it and/or modify
  *  it under the terms of the GNU General Public License version 2
@@ -100,9 +98,6 @@ const char title_string[] =
 #ifdef ENABLE_PKCS11
   " [PKCS11]"
 #endif
-#ifdef ENABLE_EUREPHIA
-  " [eurephia]"
-#endif
 #if ENABLE_IP_PKTINFO
   " [MH]"
 #endif
diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c
index 8b864c8..8f6813d 100644
--- a/src/openvpn/ssl.c
+++ b/src/openvpn/ssl.c
@@ -7,10 +7,7 @@
  *
  *  Copyright (C) 2002-2010 OpenVPN Technologies, Inc. <sales@openvpn.net>
  *  Copyright (C) 2010 Fox Crypto B.V. <openvpn@fox-it.com>
- *
- *  Additions for eurephia plugin done by:
- *         David Sommerseth <dazo@users.sourceforge.net> Copyright (C) 2008-2009
- *
+ *  Copyright (C) 2008-2013 David Sommerseth <dazo@users.sourceforge.net>
  *
  *  This program is free software; you can redistribute it and/or modify
  *  it under the terms of the GNU General Public License version 2
diff --git a/src/openvpn/ssl_verify.c b/src/openvpn/ssl_verify.c
index e651a8e..0670f2a 100644
--- a/src/openvpn/ssl_verify.c
+++ b/src/openvpn/ssl_verify.c
@@ -425,7 +425,6 @@ verify_cert_set_env(struct env_set *es, openvpn_x509_cert_t *peer_cert, int cert
   setenv_str (es, envname, common_name);
 #endif
 
-#ifdef ENABLE_EUREPHIA
   /* export X509 cert SHA1 fingerprint */
   {
     unsigned char *sha1_hash = x509_get_sha1_hash(peer_cert, &gc);
@@ -434,7 +433,6 @@ verify_cert_set_env(struct env_set *es, openvpn_x509_cert_t *peer_cert, int cert
     setenv_str (es, envname, format_hex_ex(sha1_hash, SHA_DIGEST_LENGTH, 0, 1,
 					  ":", &gc));
   }
-#endif
 
   /* export serial number as environmental variable */
   serial = x509_get_serial(peer_cert, &gc);
-- 
cgit