Hi!

I've written an OpenVPN tls-verify script, which I want to give to the project for inclusion as a verify-cn sample script. I've set the licence to GPL2 but if something else is needed please just tell me. The script is written in Python. Please reply to me in CC as I'm not on the list.

About the script:

This script checks if the peer is in the allowed user list by checking the CN (common name) of the X509 certificate against a provided text file. For example in OpenVPN, you could use the directive (as one line):

tls-verify "/usr/local/sbin/ovpnCNcheck.py /etc/openvpn/userlist.txt"

This would cause the connection to be dropped unless the client common name is within the userlist.txt. Every line should hold one regular expression, which can also be just one common name (don't forget to escape stuff like .?^()[]\ with a \). Empty lines or lines which start with a # are ignored.

--
Regards,
Robert

----------------
Robert Penz
robert AT penz DOT name
ovpnCNcheck.py
Description: application/python
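
An added illustration of the check this message describes; it is not the attached ovpnCNcheck.py and not code from the OpenVPN project. It assumes OpenVPN appends the certificate depth and the X509 subject to the tls-verify command and treats exit status 0 as accept and 1 as reject; the function names are made up for this sketch, and each pattern is anchored with fullmatch.

```python
#!/usr/bin/env python3
"""Added illustration of a tls-verify CN allow-list check; not the attached script."""
import re
import sys


def load_patterns(lines):
    """Compile one regex per line; skip empty lines and lines starting with '#'."""
    patterns = []
    for line in lines:
        line = line.strip()
        if line and not line.startswith("#"):
            patterns.append(re.compile(line))
    return patterns


def extract_cn(subject):
    """Return the CN from 'C=AT, CN=alice' or '/C=AT/CN=alice' style subjects.

    Simplification: a CN that itself contains ',' or '/' is not handled.
    """
    for part in re.split(r"[/,]", subject):
        key, _, value = part.strip().partition("=")
        if key == "CN" and value:
            return value
    return None


def cn_allowed(cn, patterns):
    """fullmatch anchors every pattern, so 'alice' does not also admit 'malice'."""
    return cn is not None and any(p.fullmatch(cn) for p in patterns)


def main(argv):
    # Assumed call: <script> <userlist> <depth> <subject>
    try:
        userlist, depth, subject = argv[1], int(argv[2]), argv[3]
        if depth != 0:
            return 0  # only the peer certificate (depth 0) is checked
        with open(userlist, encoding="utf-8") as fh:
            patterns = load_patterns(fh)
    except (IndexError, ValueError, OSError, re.error):
        return 1  # fail closed: bad arguments, unreadable list or invalid regex
    return 0 if cn_allowed(extract_cn(subject), patterns) else 1


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

An unescaped "." in a list entry still matches any character, so "vpn.example.com" would also admit "vpnXexample.com"; escaping, as the message advises, is what keeps an entry literal.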