gistfile1.diff

--- /tmp/removed123.txt	2011-08-03 19:43:17.410510589 +0200
+++ /tmp/added123.txt	2011-08-03 19:43:17.450530589 +0200
@@ -1,19 +1,12 @@
--- a/ssl.c
+++ b/ssl.c
+++ b/ssl.h
+++ b/ssl_verify.c
 static void
-setenv_untrusted (struct tls_session *session)
-{
-  setenv_link_socket_actual (session->opt->es, "untrusted", &session->untrusted_addr, SA_IP_PORT);
-}
-
+static int
 static void
-string_mod_sslname (char *str, const unsigned int restrictive_flags, const unsigned int ssl_flags)
-{
-  if (ssl_flags & SSLF_NO_NAME_REMAPPING)
-    string_mod (str, CC_PRINT, CC_CRLF, '_');
-  else
-    string_mod (str, restrictive_flags, 0, '_');
-}
-
+static int
+static int
+static bool
 int
 verify_cert(struct tls_session *session, x509_cert_t *cert, int cert_depth)
 {
@@ -127,34 +120,4 @@
   goto done;
 }
 
-/** @} name Function for authenticating a new connection from a remote OpenVPN peer */
-
--- a/ssl.h
-/* Maximum length of the username in cert */
-#define TLS_USERNAME_LEN 64
-
-/* Legal characters in an X509 or common name */
-#define X509_NAME_CHAR_CLASS   (CC_ALNUM|CC_UNDERBAR|CC_DASH|CC_DOT|CC_AT|CC_COLON|CC_SLASH|CC_EQUAL)
-#define COMMON_NAME_CHAR_CLASS (CC_ALNUM|CC_UNDERBAR|CC_DASH|CC_DOT|CC_AT|CC_SLASH)
-
--- a/ssl_verify.c
-void
-int
-void
-int
-int
-bool
--- a/ssl_verify.h
-/* TEMP */
-int verify_peer_cert(const struct tls_options *opt, x509_cert_t *peer_cert,
-    const char *subject, const char *common_name);
-void
-verify_cert_set_env(struct env_set *es, x509_cert_t *peer_cert, int cert_depth,
-    const char *subject, const char *common_name,
-    const struct x509_track *x509_track);
-int verify_cert_call_plugin(const struct plugin_list *plugins, struct env_set *es,
-    int cert_depth, x509_cert_t *cert, char *subject);
-int verify_cert_call_command(const char *verify_command, struct env_set *es,
-    int cert_depth, x509_cert_t *cert, char *subject, const char *verify_export_cert);
-bool verify_check_crl_dir(const char *crl_dir, X509 *cert);
-
+++ b/ssl_verify.h