-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 09/03/11 15:39, Markus Koetter wrote:
> Hi,
>
> On 03/04/2011 08:26 PM, Samuli Seppänen wrote:
>> * Make the --x509-username-field feature an opt-in feature
>
> given the x509 username field is optional now, any chance to get x509 v3
> extensions as username [1] merged if they are made opt-in too?
>
commit 1e5a8a8d4461c1fb58b16760a7ac1aaf422fa396
Author: Markus Koetter <koet...@rrzn-hiwi.uni-hannover.de>
List-Post: openvpn-devel@lists.sourceforge.net
Date: Fri Dec 10 20:30:09 2010 +0100
Add extv3 X509 field support to --x509-username-field
This allows using other X509 certificate fields for the certificate
authentication. To use altSubjectName, use
--x509-username-field ext:altSubjectName
This feature requires OpenVPN to be built with --enable-x509-alt-username
This patch is slightly modified, to honour --enable-x509-alt-username
compile time configuration. Two #ifdef's are added.
Signed-off-by: Markus Koetter <koet...@rrzn-hiwi.uni-hannover.de>
Signed-off-by: David Sommerseth <dav...@redhat.com>
Acked-by: David Sommerseth <dav...@redhat.com>
Signed-off-by: David Sommerseth <dav...@redhat.com>
It will appear in OpenVPN 2.3. It's already in allmerged, so by using the
development snapshots [1] or git source it can be tested already. I expect
us to start pushing 2.3 beta in 2-3 months. It all depends when v2.2 is
declared golden.
kind regards,
David Sommerseth
[1] <ftp://ftp.secure-computing.net/pub/FreeBSD/ports/openvpn-devel/>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAk14ricACgkQDC186MBRfrpj6wCgmW2lUysLnH5pUbHwIA3BLznf
r/EAoJOk3wPtpcAI3e8XoS/ya0PCjC4P
=Jpup
-----END PGP SIGNATURE-----
