[Openvpn-devel] Correct --client-disconnect environment variable common_name

Message ID 20210916164641.867248-1-tincantech@protonmail.com
State Superseded

Commit Message

Richard T Bonhomme Sept. 16, 2021, 6:46 a.m. UTC
From: Richard T Bonhomme <tincantech@protonmail.com>

--client-disconnect is always passed the X509 certificate common_name,
which is incorrect when --username-as-common-name is used.

Set the environment variable common_name to the correct value, prior to
calling --client-disconnect.

Resolves https://community.openvpn.net/openvpn/ticket/160

Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
---
 src/openvpn/multi.c | 3 +++
 1 file changed, 3 insertions(+)

Comments

Kristof Provost via Openvpn-devel Sept. 16, 2021, 10:55 a.m. UTC | #1

The commit message is incorrect.

Not *always* but "after a renegotiation" then *always*

I'll resubmit again after some final testing.

R


‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐

On Thursday, September 16th, 2021 at 17:46, <stringvest88@gmail.com> wrote:

> From: Richard T Bonhomme tincantech@protonmail.com
>
> --client-disconnect is always passed the X509 certificate common_name,
> which is incorrect when --username-as-common-name is used.
>
> Set the environment variable common_name to the correct value, prior to
> calling --client-disconnect.
>
> Resolves https://community.openvpn.net/openvpn/ticket/160
>
> Signed-off-by: Richard T Bonhomme tincantech@protonmail.com
>
> src/openvpn/multi.c | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/src/openvpn/multi.c b/src/openvpn/multi.c
>
> index 22357cfb..18ee5e52 100644
>
> --- a/src/openvpn/multi.c
>
> +++ b/src/openvpn/multi.c
>
> @@ -557,6 +557,9 @@ setenv_stats(struct context *c)
>
> static void
>
> multi_client_disconnect_setenv(struct multi_instance *mi)
>
> {
>
> -   /* setenv client current common-name */
>
> -   setenv_str(mi->context.c2.es, "common_name", tls_common_name(mi->context.c2.tls_multi, true));
>
> -   /* setenv client real IP address */
>
>     setenv_trusted(mi->context.c2.es, get_link_socket_info(&mi->context));
>
>
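Review bot: The new comment at the top of multi_client_disconnect_setenv(), "setenv client current common-name", does not say why common_name has to be set again at this point. The commit message ties the problem to --username-as-common-name and the reply above narrows it to the state after a renegotiation, so the comment should name both conditions, and the commit message's "always" should be reworded to match before resubmission. A --client-disconnect script that keys on common_name would otherwise act on the wrong identity, which is worth stating in the message as the reason for the change.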
> 2.25.1

Patch

diff --git a/src/openvpn/multi.c b/src/openvpn/multi.c
index 22357cfb..18ee5e52 100644
--- a/src/openvpn/multi.c
+++ b/src/openvpn/multi.c
@@ -557,6 +557,9 @@  setenv_stats(struct context *c)
 static void
 multi_client_disconnect_setenv(struct multi_instance *mi)
 {
+    /* setenv client current common-name */
+    setenv_str(mi->context.c2.es, "common_name", tls_common_name(mi->context.c2.tls_multi, true));
+
     /* setenv client real IP address */
     setenv_trusted(mi->context.c2.es, get_link_socket_info(&mi->context));
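Review bot: The return value of tls_common_name(mi->context.c2.tls_multi, true) is passed straight to setenv_str() in the added line, with no check for a missing or empty name. Please confirm what the `true` argument makes the call return when no common name is available and how setenv_str() treats that value; if the result can be NULL, either guard the call or document that common_name may then be absent from the --client-disconnect environment. As a style point, the added setenv_str() line runs well past 80 columns and could be wrapped after the "common_name" argument.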