[prev in list] [next in list] [prev in thread] [next in thread]
List: libreswan-commit
Subject: [Swan-commit] Changes to ref refs/heads/main
From: Andrew Cagney <cagney () vault ! libreswan ! fi>
Date: 2021-12-30 4:34:05
Message-ID: 4JPb5B06xXz2J37 () vault ! libreswan ! fi
[Download RAW message or body]
New commits:
commit b915246a403ad6988739c3d404f0929d314634a9
Author: Andrew Cagney <cagney@gnu.org>
Date: Wed Dec 29 22:26:38 2021 -0500
connections: drop get_id_from_cert (nee fromcert) parameter to refine_host_connection*()
refine_host_connection*() was setting GET_ID_FROM_CERT when, for
ID_DER_ASN1_DN, match_dn_any_order_wild() returned a wildcard match
(called via match_id).
Instead:
- have match_end_cert_id() return the replacement ID when, for
ID_DER_ASN1_DN, match_dn_any_order_wild() returns a wildcard match
(in addition to ID_FROMCERT)
that way callers can update ID when match_end_cert_id() succeeds
- and when match_end_cert_id() fails, but POLICY_ALLOW_NO_SAN (the
cert chain validated), again update ID
- drop other code paths trying to update the ID
_______________________________________________
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic