Opened 7 years ago

Closed 7 years ago

#302 closed Bug / Defect (fixed)

[PATCH] Extended x509-track to allow SHA1 certificate hash to be extracted

Reported by: Samuli Seppänen Owned by:
Priority: major Milestone:
Component: Generic / unclassified Version: OpenVPN git master branch (Community Ed)
Severity: Not set (select this one, unless your'e a OpenVPN developer) Keywords:
Cc: james@…

Description

James Yonan provided a patch that was included in his 2.1-based SVN tree, but is not yet in 2.3/master. The attached patch has been forward-ported to merge cleanly. Full patch description below:

Extended x509-track to allow SHA1 certificate hash to be extracted,
e.g.:

  x509-track "+SHA1"

will extract the SHA1 certificate hash for all certs in the
client chain.

Attachments (1)

x509-track-sha1.patch (3.2 KB) - added by Samuli Seppänen 7 years ago.
Patch: Extended x509-track to allow SHA1 certificate hash to be extracted

Download all attachments as: .zip

Change History (3)

Changed 7 years ago by Samuli Seppänen

Attachment: x509-track-sha1.patch added

Patch: Extended x509-track to allow SHA1 certificate hash to be extracted

comment:1 Changed 7 years ago by David Sommerseth

Just a silly question. Any reason the tls_digest_{n} variable cannot be used? That's been available since OpenVPN 2.2.

I've submitted a patch with a man page update to document this variable:
http://thread.gmane.org/gmane.network.openvpn.devel/7659

comment:2 Changed 7 years ago by Samuli Seppänen

Resolution: fixed
Status: newclosed

This is now in Git.

Note: See TracTickets for help on using tickets.