summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPeter Palfrader <peter@palfrader.org>2017-01-02 10:55:53 +0100
committerPeter Palfrader <peter@palfrader.org>2017-01-02 10:55:53 +0100
commitb9d21406c26070c1f6fc785903f82d9a647e57f6 (patch)
tree55b70bda78f5829f5d4cfd70a32c53d361a69e7d
parenta6e19f816e78d4ae2ed22988edf67a48d00c6b00 (diff)
Use verify-x509-name where possible
-rwxr-xr-xGenerate6
1 files changed, 5 insertions, 1 deletions
diff --git a/Generate b/Generate
index 6eff8d3..66677a6 100755
--- a/Generate
+++ b/Generate
@@ -683,7 +683,11 @@ hostlist.each{ |host|
else
conffile.puts "tls-client"
end
- conffile.puts "tls-remote %s.%s"%[peer['name'], $config['cadndomain']]
+ if host['openvpn_ge_23']
+ conffile.puts "verify-x509-name \"%s%s.%s\""%[$config['x509nameprefix'], peer['name'], $config['cadndomain']]
+ else
+ conffile.puts "tls-remote %s.%s"%[peer['name'], $config['cadndomain']]
+ end
if host['pkcs12']
conffile.puts "pkcs12 #{$NAMESPACE}-%s.%s.p12"%[host['name'], $config['cadndomain']]
else