diff options
author | Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi> | 2017-12-20 14:35:06 +0200 |
---|---|---|
committer | Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi> | 2018-02-26 15:15:24 +0200 |
commit | 847297c1b1ca5b2e633187dec67612b07a2b0d44 (patch) | |
tree | 4fe76dcf46e0a641ec01086665a086ef1ab68b34 | |
parent | 8cc6697ffd1c872ddffc5cfd9ba6caaa9e1ccd77 (diff) | |
download | dmvpn-tools-847297c1b1ca5b2e633187dec67612b07a2b0d44.tar.bz2 dmvpn-tools-847297c1b1ca5b2e633187dec67612b07a2b0d44.tar.xz |
hub domain name extension
-rwxr-xr-x | dmvpn-ca | 11 | ||||
-rw-r--r-- | dmvpn-ca.conf | 2 | ||||
-rw-r--r-- | dmvpn.lua | 4 |
3 files changed, 16 insertions, 1 deletions
@@ -1131,6 +1131,17 @@ output = scan_choice( ) ) + local hosts = config.hub.hosts + if hosts then + cert:addExtension( + x509ext.new( + dmvpn.OID_HUB_HOSTS, + 'DER', + asn1.sequence_of(asn1.ia5string).encode(hosts) + ) + ) + end + local net_config = {} local pr_config = {} for subnet in get_subnets() do diff --git a/dmvpn-ca.conf b/dmvpn-ca.conf index d1c95cc..0b879b7 100644 --- a/dmvpn-ca.conf +++ b/dmvpn-ca.conf @@ -8,6 +8,8 @@ ca: curve: secp521r1 hub: + hosts: + - hubs.example.com subnets: - '10.0.0.0/8' - '172.16.0.0/16' @@ -3,4 +3,6 @@ Copyright (c) 2014-2018 Kaarle Ritvanen See LICENSE file for license details ]]-- -return {OID_IS_HUB='1.3.6.1.4.1.31536.1.1'} +local base = '1.3.6.1.4.1.31536.1.' + +return {OID_IS_HUB=base..'1', OID_HUB_HOSTS=base..'2'} |