This patch set tries to do X.509 name verification right. As discussed during FOSDEM 2013, changing --tls-remote to support RFC 2253 style subject DNs only was too radical as it broke more configurations than expected.
This makes --tls-remote work with old configurations again, but deprecates its use. As a replacement it introduces a new option for X.509 name verification that takes RFC 2253 subject DNs only. [PATCH 1/3] reintroduce --no-name-remapping option [PATCH 2/3] make --tls-remote compatible with pre 2.3 configs [PATCH 3/3] add new option for X.509 name verification
