From 260f66263dbb3104eabb930f86bf1fff02389509 Mon Sep 17 00:00:00 2001
From: Narayan Desai <desai@mcs.anl.gov>
Date: Tue, 19 May 2009 01:40:51 +0000
Subject: SSL: Implememt client-side server cN verification

git-svn-id: https://svn.mcs.anl.gov/repos/bcfg/trunk/bcfg2@5244 ce84e21b-d406-0410-9b95-82705330c041
---
 src/sbin/bcfg2 | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'src/sbin')

diff --git a/src/sbin/bcfg2 b/src/sbin/bcfg2
index 070561dd9..337bdb888 100755
--- a/src/sbin/bcfg2
+++ b/src/sbin/bcfg2
@@ -46,7 +46,6 @@ class Client:
             'quick': Bcfg2.Options.CLIENT_QUICK,
             'debug': Bcfg2.Options.DEBUG,
             'drivers': Bcfg2.Options.CLIENT_DRIVERS,
-            'fingerprint': Bcfg2.Options.SERVER_FINGERPRINT,
             'dryrun': Bcfg2.Options.CLIENT_DRYRUN,
             'paranoid': Bcfg2.Options.CLIENT_PARANOID,
             'bundle': Bcfg2.Options.CLIENT_BUNDLE,
@@ -72,6 +71,7 @@ class Client:
             'key'             : Bcfg2.Options.CLIENT_KEY,
             'certificate'     : Bcfg2.Options.CLIENT_CERT,
             'ca'              : Bcfg2.Options.CLIENT_CA,
+            'serverCN'        : Bcfg2.Options.CLIENT_SCNS, 
             }
 
         self.setup = Bcfg2.Options.OptionParser(optinfo)
@@ -161,7 +161,8 @@ class Client:
                                                self.setup['password'],
                                                key = self.setup['key'],
                                                cert = self.setup['certificate'],
-                                               ca = self.setup['ca'])
+                                               ca = self.setup['ca'],
+                                               allowedServerCNs = self.setup['serverCN'])
 
             if self.setup['profile']:
                 try:
-- 
cgit v1.2.3-1-g7c22