Support duplicate x509 field values in environment

As reported in trac #387, an x509 DN can contain duplicate fields.
Previously, we would overwrite any previous field value with a new one if
we would process a second same-name field.  Now, instead, append _$N,
starting at N=1 to the name for each consequent field to export all fields
to the enviroment.

v2 - make better use of const qualifiers in env_set_get(), and use strcpy()
     instead of memcpy() in setenv_str_incr()

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <CAA1AbxLoZpanyqfpJuroMeOj_M=gU5JB+pqZqRxYqaiNP754-g@mail.gmail.com>
URL: http://article.gmane.org/gmane.network.openvpn.devel/10654
Signed-off-by: Gert Doering <gert@greenie.muc.de>

1 files changed, 7 insertions, 0 deletions

diff --git a/Changes.rst b/Changes.rst
index 41629bd..a791ca3 100644
--- a/Changes.rst
+++ b/Changes.rst
@@ -36,6 +36,13 @@ LZ4 Compression
 
 User-visible Changes
 --------------------
+- For certificate DNs with duplicate fields, e.g. "OU=one,OU=two", both fields
+  are now exported to the environment, where each second and later occurrence
+  of a field get _$N appended to it's field name, starting at N=1.  For the
+  example above, that would result in e.g. X509_0_OU=one, X509_0_OU_1=two.
+  Note that this breaks setups that rely on the fact that OpenVPN would
+  previously (incorrectly) only export the last occurence of a field.
+
 - proto udp and proto tcp specify to use IPv4 and IPv6. The new
   options proto udp4 and tcp4 specify to use IPv4 only.