[ipxe-devel] Proposed patch: support for SSL subjectAlternativeName certificates, two other useful features
Alex Chernyakhovsky
achernya at google.com
Tue Oct 15 20:31:45 UTC 2013
Just finished testing the OCSP patch, it applies on top of the previous 3,
hence the 4/4 in the subject.
Sincerely,
-Alex
On Tue, Oct 15, 2013 at 4:16 PM, Alex Chernyakhovsky <achernya at google.com>wrote:
> Hi Ken,
>
> You're correct, looks like I typo'd something while preparing the patches.
> Here's an updated copy of the patchset. I've also found an issue in the
> OCSP code while doing this testing, a patch likely forthcoming.
>
> Sincerely,
> -Alex
>
>
>
> On Tue, Oct 15, 2013 at 2:13 PM, Ken Simon <ninkendo at gmail.com> wrote:
>
>> Alex,
>>
>> I think there's a typo in your implementation of dns_wildcard_matcher:
>>
>> + const char* first_dot = strchr (dns, '*') ;
>>
>> you probably want:
>>
>> + const char* first_dot = strchr (dns, '.') ;
>>
>> Fixing the patch in that way I was able to get wildcard certificates
>> to work with iPXE.
>>
>> --
>> Ken
>> _______________________________________________
>> ipxe-devel mailing list
>> ipxe-devel at lists.ipxe.org
>> https://lists.ipxe.org/mailman/listinfo.cgi/ipxe-devel
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ipxe.org/pipermail/ipxe-devel/attachments/20131015/54eb6e34/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0004-Handle-OCSP-responses-that-don-t-provide-certificate.patch
Type: text/x-patch
Size: 1521 bytes
Desc: not available
URL: <http://lists.ipxe.org/pipermail/ipxe-devel/attachments/20131015/54eb6e34/attachment.bin>
More information about the ipxe-devel
mailing list