Hi! I've written an OpenVPN tls-verify script, which I want to give to the project for inclusion as a verify-cn sample script. I've set the licence to GPL2, but if something else is needed please just tell me. The script is written in Python. Please reply to me in CC as I'm not on the list.
About the script:
This script checks if the peer is in the allowed
user list by checking the CN (common name) of the
X509 certificate against a provided text file.
For example in OpenVPN, you could use the directive
(as one line):
tls-verify "/usr/local/sbin/ovpnCNcheck.py
/etc/openvpn/userlist.txt"
This would cause the connection to be dropped unless
the client common name is within the userlist.txt.
Every line should hold one regular expression which
can also be just one common name (don't forget to escape
stuff like .?^()[]\ with a \).
Empty lines or lines which start with a # are ignored.
--
Regards,
Robert
----------------
Robert Penz
robert AT penz DOT name
ovpnCNcheck.py
Description: application/python
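
An added sketch of the check described in this message, for illustration; it is not the attached ovpnCNcheck.py and not OpenVPN project code. It assumes OpenVPN appends the certificate depth and the X509 subject to the tls-verify command, and it chooses full-string matching so that a bare name on a line admits only that exact CN.

```python
#!/usr/bin/env python3
"""tls-verify helper: allow a peer only if its certificate CN matches the user list."""
import re
import sys


def load_patterns(lines):
    """Compile one regex per line, skipping empty lines and '#' comments."""
    patterns = []
    for raw in lines:
        line = raw.strip()
        if line and not line.startswith("#"):
            patterns.append(re.compile(line))
    return patterns


def extract_cn(subject):
    """Pull the CN out of the X509 subject string passed to the script.

    Handles "/C=AT/O=Example/CN=alice" and "C=AT, O=Example, CN=alice".
    Assumption: field values themselves contain no '/' or ','.
    """
    m = re.search(r"(?:^|[/,]\s*)CN=([^/,]+)", subject)
    return m.group(1).strip() if m else None


def cn_allowed(cn, patterns):
    """fullmatch() anchors each pattern so "alice" does not also admit "alice2"."""
    return cn is not None and any(p.fullmatch(cn) for p in patterns)


def main(argv):
    # Expected argv: script, userlist path, certificate depth, X509 subject.
    if len(argv) != 4:
        return 1
    userlist, depth, subject = argv[1], argv[2], argv[3]
    if depth != "0":
        return 0  # CA / intermediate certificates: only the peer cert is checked
    try:
        with open(userlist, encoding="utf-8") as fh:
            patterns = load_patterns(fh)
    except (OSError, re.error):
        return 1  # fail closed on an unreadable list or a malformed pattern
    return 0 if cn_allowed(extract_cn(subject), patterns) else 1


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Exit status 0 accepts the certificate and any non-zero status rejects it; an unreadable list or a line that is not a valid regular expression rejects every peer rather than admitting them.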
