Hello,
>>Unless you meant ISO 639-3 languages ;)
Yes, i meant exactly that :-)
Just trying to look at an example and try to understand what it`s doing.
I have no IT background and as middle age man taking first steps i come to
realise that it`s not so easy as taking first steps as a child :-)
>>If the purpose is to match common_name against username, tls-verify is not
>>the right tool. You can do that in the >>auth-user-pass-verify "script". OK
>>thank you, so i found something on a user forum:**************#!/bin/sh
user1="user1"
pass1="password1"
test "$user" = "${username}" && test "$pass" = "${password}" && exit 0
exit 1
**************To add more users and see them in the log, i change that
to:**************#!/bin/sh
echo "[${username}] [${X509_0_CN}]" <-- Thanks JJK
user1="username1"
cn1="commonname1"
user2="username2"
cn2="commonname2"
test "$user1" = "${username}" && test "$cn1" = "${X509_0_CN}" && exit 0
test "$user2" = "${username}" && test "$cn2" = "${X509_0_CN}" && exit 0
exit 1
**************
With succes :-)If a user tries to login with cert from another, no access and a
mention in the log.Since i not have too many users, this is sufficient enough
for me. Thank you all,André
------------------------------------------------------------------------------
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users
