[ipxe-devel] Proposed patch: support for SSL subjectAlternativeName certificates, two other useful features

Alex Chernyakhovsky achernya at google.com
Wed Oct 2 21:24:07 UTC 2013


Hi iPXE devel,

Please find attached 3 patches that I think are extremely useful. They
implement the following:

1. subjectAlternativeName support (and wildcard support) for SSL
certificates. This allows iPXE to validate certificates that have more than
one name, as many certs issued these days have sAN fields.
2. Allow setting/reading variables in base64.
3. Implement a "tokset" command that allows tokenizing and setting
variables.

Of these, the tokset patch is still rough, so I'd appreciate comments on
how to improve it.

Sincerely,
-Alex
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ipxe.org/pipermail/ipxe-devel/attachments/20131002/2f61edfc/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Implement-subject-alt-name-and-wildcard-certificates.patch
Type: application/octet-stream
Size: 6893 bytes
Desc: not available
URL: <http://lists.ipxe.org/pipermail/ipxe-devel/attachments/20131002/2f61edfc/attachment.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0002-Implement-the-base64-setting-type.patch
Type: application/octet-stream
Size: 1531 bytes
Desc: not available
URL: <http://lists.ipxe.org/pipermail/ipxe-devel/attachments/20131002/2f61edfc/attachment-0001.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0003-Implement-tokset.patch
Type: application/octet-stream
Size: 2586 bytes
Desc: not available
URL: <http://lists.ipxe.org/pipermail/ipxe-devel/attachments/20131002/2f61edfc/attachment-0002.obj>


More information about the ipxe-devel mailing list