Code Review / vpp.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 7139e75) | patch
tls: enforce certificate verification 72/10972/9
authorFlorin Coras <fcoras@cisco.com>
Tue, 6 Mar 2018 00:53:07 +0000 (16:53 -0800)
committerDave Barach <openvpp@barachs.net>
Wed, 7 Mar 2018 13:27:59 +0000 (13:27 +0000)
commit8f89dd01289ea9e97405432d2351a19c842dd6d5
tree67ab5d20f9ebbd34ee8d9fec2dfc3d97297fd0f7tree | snapshot
parent7139e757b13212f3fd8e3f3f401018375fed0c61commit | diff
tls: enforce certificate verification

- add option to use test certificate in the ca chain
- add hostname to extended session endpoint fields and connect api
  parameters. If hostname is present, certificate validation is
  enforced.
- use /etc/ssl/certs/ca-certificates.crt to bootstrap CA cert. A
  different path can be provided via startup config

Change-Id: I046f9c6ff3ae6a9c2d71220cb62eca8f7b10e5fb
Signed-off-by: Florin Coras <fcoras@cisco.com>
src/tests/vnet/session/tcp_echo.c diff | blob | history
src/vnet/session-apps/echo_client.c diff | blob | history
src/vnet/session-apps/proxy.c diff | blob | history
src/vnet/session-apps/tls.c diff | blob | history
src/vnet/session/application_interface.c diff | blob | history
src/vnet/session/application_interface.h diff | blob | history
src/vnet/session/session.api diff | blob | history
src/vnet/session/session.c diff | blob | history
src/vnet/session/session_api.c diff | blob | history
src/vnet/session/session_test.c diff | blob | history
src/vnet/session/stream_session.h diff | blob | history
Vector Packet Processing