Hi!

I've written an OpenVPN tls-verify script, which I want to give to the project 
for inclusion as an verify-cn sample script.  I've set the licence to GPL2 
but if something else is needed please just tell me. The script is written in 
python. Please reply to me in CC as I'm not on the list.

About the script:

    This script checks if the peer is in the allowed
    user list by checking the CN (common name) of the
    X509 certificate against a provided text file.

    For example in OpenVPN, you could use the directive
    (as one line):

    tls-verify "/usr/local/sbin/ovpnCNcheck.py
                /etc/openvpn/userlist.txt"

    This would cause the connection to be dropped unless
    the client common name is within the userlist.txt.
    Every line should hold one regular expression which
    can also be just one common name (don't forget to escape
    stuff like .?^()[]\ with a \).
    Empty or lines which start with a # are ignored.


-- 
Regards,
Robert
----------------
Robert Penz
robert AT penz DOT name

Attachment: ovpnCNcheck.py
Description: application/python

Reply via email to