Hi,
Andris Kalnozols from HP sent me the attached patch in order to make
upper casing the --x509-username-field optional so that fields called
something like "emailAddress" could be used.
He proposed using square brackets [1] in order to specify a field name that
should not be capitalized. Please consider its inclusion, or an
alternative to address this matter.
Thanks,
Alberto
[1]
x509-username-field foo -> will look for a field named FOO
x509-username-field [emailAddress] -> will look for emailAddress
--
Alberto Gonzalez Iniesta | Formación, consultoría y soporte técnico
agi@(inittab.org|debian.org)| en GNU/Linux y software libre
Encrypted mail preferred | http://inittab.com
Key fingerprint = 5347 CBD8 3E30 A9EB 4D7D 4BF2 009B 3375 6B9A AA55
--- openvpn-2.3.2/src/openvpn/options.c.orig 2013-09-09 01:41:26.000000000 -0700
+++ openvpn-2.3.2/src/openvpn/options.c 2013-09-09 01:21:30.000000000 -0700
@@ -6750,8 +6750,23 @@
{
char *s = p[1];
VERIFY_PERMISSION (OPT_P_GENERAL);
- if( strncmp ("ext:",s,4) != 0 )
- while ((*s = toupper(*s)) != '\0') s++; /* Uppercase if necessary */
+ if (strncmp ("ext:", s, 4) != 0)
+ {
+ /* By default, the alphabetic characters of an alternate
+ * username field are uppercased. Accommodate special
+ * requirements, however, by leaving the field name
+ * unchanged if it is enclosed by square brackets.
+ */
+ size_t s_len;
+ s_len = strlen (s);
+ if (*s == '[' && *(s + s_len - 1) == ']')
+ {
+ memmove (s, s + 1, s_len - 2); /* strip the quoting brackets */
+ *(s + s_len - 2) = '\0';
+ }
+ else
+ while ((*s = toupper (*s)) != '\0') s++;
+ }
options->x509_username_field = p[1];
}
#endif /* ENABLE_X509ALTUSERNAME */
