[OpenVPN home]	[Date Prev]	[Date Index]	[Date Next]
[OpenVPN mailing lists]	[Thread Prev]	[Thread Index]	[Thread Next]

Re: [Openvpn-users] TLS; a remote client to strict running daemon

Subject: Re: [Openvpn-users] TLS; a remote client to strict running daemon
From: Thomas Glanzmann <sithglan@xxxxxxxxxxxxxxxxxxxx>
Date: Fri, 6 Feb 2004 17:44:09 +0100

Hi Lumir,
I am not sure if this is what you want. But there are verify-scripts
available. With the help of them you can verify the cn of a remote
machine like the on attached.

Gruesse,
	Thomas

#!/usr/bin/perl -w

# Verify X509 Common Name

# Return 0 if cn matches the common name component of X509_NAME_oneline,
# 1 otherwise.

($depth, $cn) = @ARGV;

# debugging purposes
# print "<$cn> <$depth>\n";

if ($depth   == 1
&& $cn eq '/C=DE/ST=Bayern/L=Erlangen/O=Friedrich-Alexander.Universitaet/OU=Informatik.CIP-Pool.CA/CN=CA.Informatik/Email=ca@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx') {
	exit 0;
} elsif  ($depth == 0
&& $cn eq '/C=DE/ST=Bayern/L=Erlangen/O=Friedrich-Alexander.Universitaet/OU=Informatik.CIP-Pool/CN=glanzmann.dyndns.org/Email=sithglan@xxxxxxxxxxxxxxxxxxxx') {
	exit 0;
}

exit 1;

References:
- [Openvpn-users] TLS; a remote client to strict running daemon
  - From: Lumir Unzeitig

Prev by Date: Re: [Openvpn-users] Downloadable mailing list archive
Next by Date: [Openvpn-users] re: Easy-RSA config - help
Previous by thread: [Openvpn-users] TLS; a remote client to strict running daemon
Next by thread: [Openvpn-users] Re: TLS; a remote client to strict running daemon
Index(es):
- Date
- Thread