projects / mech_eap.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 4bc13bf) | patch
GnuTLS: Add support for domain_suffix_match
authorJouni Malinen <j@w1.fi>
Sun, 11 Jan 2015 11:29:17 +0000 (13:29 +0200)
committerJouni Malinen <j@w1.fi>
Sun, 11 Jan 2015 22:19:21 +0000 (00:19 +0200)
commit8ddcd6b9d4f1cdafc798d67d249ad737c5d466d4
treef9d6dab52432d6c9a38b13981bf2c31195397a32tree | snapshot
parent4bc13bf709850eb7844c5cb8351e2acd30d25ed9commit | diff
GnuTLS: Add support for domain_suffix_match

This implementation uses GnuTLS function
gnutls_x509_crt_check_hostname(). It has a bit different rules regarding
matching (allows wildcards in some cases, but does not use suffix
matching) compared to the internal implementation used with OpenSSL.
However, these rules are sufficiently close to each other to be of
reasonable use for most cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
src/crypto/tls_gnutls.c diff | blob | history
Moonshot GSS-API mechanism