Hi Emmanuel,

This seems to work fine.
I've tested with 10000 CA certs, without the option on I get "tcp window full" 
followed by tls fatal alerts, with the option on the connection works fine.

I haven't tested the crt-list option.


Do you know if it is possible to add this to stable (1.5/1.6)?
My guess would be 'no' because it is a new feature, but I'm not sure what your 
policy's are.

Best regards,

Bas

-----Original Message-----
From: Emmanuel Hocdet [mailto:[email protected]] 
Sent: maandag 10 juli 2017 17:46
To: Wolvers, Bas
Cc: [email protected]
Subject: Re: Feature request: disable CA/distinguished names.


Hi Bas,

> Le 10 juil. 2017 à 17:05, Wolvers, Bas <[email protected]> a écrit :
> 
> Hi Emmanuel,
> 
> I finally found time to test your patch.
> 
> It works, but you can't seem to turn it off.
> no-ca-names seems to be active regardless of the option in the config file.
> 

oops i fail the double negation.
fix patch include.

> I think I'll find time tomorrow to find out if it’s the global option or not, 
> but my time is a bit limited unfortunately.
> 
> Best regards,
> 
> Bas

Thanks for testing!

Manu


Reply via email to