From 8f2c725bbb079f019b3bea788ebd417ece961b08 Mon Sep 17 00:00:00 2001
From: Robert Fischer <ml-openvpn@trispace.org>
Date: Thu, 21 Apr 2011 22:55:52 +0200
Subject: [PATCH] Documented --x509-username-field option
Signed-off-by: Robert Fischer <ml-openvpn@trispace.org>
---
openvpn.8 | 8 ++++++++
options.c | 2 +-
2 files changed, 9 insertions(+), 1 deletions(-)
diff --git a/openvpn.8 b/openvpn.8
index 6444558..428233f 100644
a
|
b
|
the tls-verify script returns. The file name used for the certificate |
4356 | 4356 | is available via the peer_cert environment variable. |
4357 | 4357 | .\"********************************************************* |
4358 | 4358 | .TP |
| 4359 | .B \-\-x509-username-field fieldname |
| 4360 | Field in x509 certificate subject to be used as username (default=CN). |
| 4361 | .B Fieldname |
| 4362 | will be uppercased before matching. When this option is used, the |
| 4363 | --tls-remote option will match against the chosen fieldname instead |
| 4364 | of the CN. |
| 4365 | .\"********************************************************* |
| 4366 | .TP |
4359 | 4367 | .B \-\-tls-remote name |
4360 | 4368 | Accept connections only from a host with X509 name |
4361 | 4369 | or common name equal to |
diff --git a/options.c b/options.c
index 4a11f53..7a5e35d 100644
a
|
b
|
static const char usage_message[] = |
508 | 508 | "--pkcs12 file : PKCS#12 file containing local private key, local certificate\n" |
509 | 509 | " and optionally the root CA certificate.\n" |
510 | 510 | #ifdef ENABLE_X509ALTUSERNAME |
511 | | "--x509-username-field : Field used in x509 certificat to be username.\n" |
| 511 | "--x509-username-field : Field used in x509 certificate to be username.\n" |
512 | 512 | " Default is CN.\n" |
513 | 513 | #endif |
514 | 514 | #ifdef WIN32 |