Hi, Andris Kalnozols from HP sent me the attached patch in order to make upper casing the --x509-username-field optional so that fields called something like "emailAddress" could be used.
He proposed using square brackets [1] in order to specify a field name that should not be capitalized. Please consider its inclusion, or an alternative to address this matter. Thanks, Alberto [1] x509-username-field foo -> will look for a field named FOO x509-username-field [emailAddress] -> will look for emailAddress -- Alberto Gonzalez Iniesta | Formación, consultoría y soporte técnico agi@(inittab.org|debian.org)| en GNU/Linux y software libre Encrypted mail preferred | http://inittab.com Key fingerprint = 5347 CBD8 3E30 A9EB 4D7D 4BF2 009B 3375 6B9A AA55
--- openvpn-2.3.2/src/openvpn/options.c.orig 2013-09-09 01:41:26.000000000 -0700 +++ openvpn-2.3.2/src/openvpn/options.c 2013-09-09 01:21:30.000000000 -0700 @@ -6750,8 +6750,23 @@ { char *s = p[1]; VERIFY_PERMISSION (OPT_P_GENERAL); - if( strncmp ("ext:",s,4) != 0 ) - while ((*s = toupper(*s)) != '\0') s++; /* Uppercase if necessary */ + if (strncmp ("ext:", s, 4) != 0) + { + /* By default, the alphabetic characters of an alternate + * username field are uppercased. Accommodate special + * requirements, however, by leaving the field name + * unchanged if it is enclosed by square brackets. + */ + size_t s_len; + s_len = strlen (s); + if (*s == '[' && *(s + s_len - 1) == ']') + { + memmove (s, s + 1, s_len - 2); /* strip the quoting brackets */ + *(s + s_len - 2) = '\0'; + } + else + while ((*s = toupper (*s)) != '\0') s++; + } options->x509_username_field = p[1]; } #endif /* ENABLE_X509ALTUSERNAME */