Hi, On Sat, Feb 04, 2012 at 12:56:24PM +0000, Heiko Hund wrote: > Since the specific character classes for X.509 names are removed, the > "no-name-remapping" configuration option has no use anymore and is removed > as well.
--no-name-remapping appears again somewhat further down in openvpn.8,
we should remove it from there as well.
---------------- quote ----------------
String Types and Remapping
In certain cases, OpenVPN will perform remapping of characters in
strings. Essentially, any characters outside the set of permitted
characters for each string type will be converted to underbar ('_').
Q: Why is string remapping necessary?
A: It's an important security feature to prevent the malicious coding
of strings from untrusted sources to be passed as parameters to
scripts, saved in the environment, used as a common name, translated to
a filename, etc.
Q: Can string remapping be disabled?
A: Yes, by using the --no-name-remapping option, however this should be
considered an advanced option.
---------------- quote ----------------
(well, seems the whole section needs to be rewritten to reflect the new
remapping rules [if any])
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany g...@greenie.muc.de
fax: +49-89-35655025 g...@net.informatik.tu-muenchen.de
pgpxr2uyawYnt.pgp
Description: PGP signature
