-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/8449/
-----------------------------------------------------------
(Updated Dec. 12, 2012, 10:23 p.m.)
Review request for qpid and Rafael Schloming.
Changes
-------
Take #2.
Added support for checking SubjectAltName DNS entries, as described in RFC2818.
Added support for matching certificates that contain wildcarded DNS names.
Removed the whole "set_peer_hostname_match" pattern stuff.
Added a bool flag to set_peer_hostname, if True, check hostname against
certficate, else don't (just do SNI)
.... Profit???
Description
-------
Adds an API call to set the hostname which is used for Server Name Indication
as well as Common Name matching. Right now only support exact text match - no
wildcarding.
This addresses bug proton-161.
https://issues.apache.org/jira/browse/proton-161
Diffs (updated)
-----
/proton/trunk/proton-c/bindings/python/proton.py 1420411
/proton/trunk/proton-c/include/proton/ssl.h 1420411
/proton/trunk/proton-c/src/ssl/openssl.c 1420411
/proton/trunk/tests/proton_tests/ssl.py 1420411
/proton/trunk/tests/proton_tests/ssl_db/README.txt 1420411
/proton/trunk/tests/proton_tests/ssl_db/ca-certificate.pem 1420411
/proton/trunk/tests/proton_tests/ssl_db/ca-private-key.pem PRE-CREATION
/proton/trunk/tests/proton_tests/ssl_db/client-certificate.pem 1420411
/proton/trunk/tests/proton_tests/ssl_db/client-private-key.pem 1420411
/proton/trunk/tests/proton_tests/ssl_db/server-certificate.pem 1420411
/proton/trunk/tests/proton_tests/ssl_db/server-private-key.pem 1420411
Diff: https://reviews.apache.org/r/8449/diff/
Testing
-------
Updated ssl unit tests.
Thanks,
Kenneth Giusti
