403Webshell
Server IP : 172.67.191.97  /  Your IP : 104.23.197.209
Web Server : Apache/2.4.63 (Ubuntu)
System : Linux adminpruebas-Virtual-Machine 6.14.0-37-generic #37-Ubuntu SMP PREEMPT_DYNAMIC Fri Nov 14 22:10:32 UTC 2025 x86_64
User : www-data ( 33)
PHP Version : 8.4.5
Disable Function : NONE
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : OFF  |  Sudo : ON  |  Pkexec : ON
Directory :  /usr/share/openvpn/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /usr/share/openvpn/verify-cn
#!/usr/bin/perl

# verify-cn -- a sample OpenVPN tls-verify script
#
# Return 0 if cn matches the common name component of
# subject, 1 otherwise.
#
# For example in OpenVPN, you could use the directive:
#
#   tls-verify "./verify-cn /etc/openvpn/allowed_clients"
#
# This would cause the connection to be dropped unless
# the client common name is listed on a line in the
# allowed_clients file.

die "usage: verify-cn cnfile certificate_depth subject" if (@ARGV != 3);

# Parse out arguments:
#   cnfile -- The file containing the list of common names, one per
#             line, which the client is required to have,
#             taken from the argument to the tls-verify directive
#             in the OpenVPN config file.
#             The file can have blank lines and comment lines that begin
#             with the # character.
#   depth  -- The current certificate chain depth.  In a typical
#             bi-level chain, the root certificate will be at level
#             1 and the client certificate will be at level 0.
#             This script will be called separately for each level.
#   x509   -- the X509 subject string as extracted by OpenVPN from
#             the client's provided certificate.
($cnfile, $depth, $x509) = @ARGV;

if ($depth == 0) {
    # If depth is zero, we know that this is the final
    # certificate in the chain (i.e. the client certificate),
    # and the one we are interested in examining.
    # If so, parse out the common name substring in
    # the X509 subject string.

    if ($x509 =~ / CN=([^,]+)/) {
        $cn = $1;
	# Accept the connection if the X509 common name
	# string matches the passed cn argument.
	open(FH, '<', $cnfile) or exit 1; # can't open, nobody authenticates!
        while (defined($line = <FH>)) {
	    if ($line !~ /^[[:space:]]*(#|$)/o) {
		chop($line);
		if ($line eq $cn) {
		    exit 0;
		}
	    }
	}
	close(FH);
    }

    # Authentication failed -- Either we could not parse
    # the X509 subject string, or the common name in the
    # subject string didn't match the passed cn argument.
    exit 1;
}

# If depth is nonzero, tell OpenVPN to continue processing
# the certificate chain.
exit 0;

Youez - 2016 - github.com/yon3zu
LinuXploit