Hi Bas, > Le 11 juil. 2017 à 11:24, Wolvers, Bas <[email protected]> a écrit : > > Hi Emmanuel, > > This seems to work fine. > I've tested with 10000 CA certs, without the option on I get "tcp window > full" followed by tls fatal alerts, with the option on the connection works > fine. > > I haven't tested the crt-list option. >
good! > > Do you know if it is possible to add this to stable (1.5/1.6)? > My guess would be 'no' because it is a new feature, but I'm not sure what > your policy's are. > Merge in 1.8dev will be a good step. Emeric or Willy must find time to review and consider the merge. ++ Manu > Best regards, > > Bas > > -----Original Message----- > From: Emmanuel Hocdet [mailto:[email protected]] > Sent: maandag 10 juli 2017 17:46 > To: Wolvers, Bas > Cc: [email protected] > Subject: Re: Feature request: disable CA/distinguished names. > > > Hi Bas, > >> Le 10 juil. 2017 à 17:05, Wolvers, Bas <[email protected]> a écrit : >> >> Hi Emmanuel, >> >> I finally found time to test your patch. >> >> It works, but you can't seem to turn it off. >> no-ca-names seems to be active regardless of the option in the config file. >> > > oops i fail the double negation. > fix patch include. > >> I think I'll find time tomorrow to find out if it’s the global option or >> not, but my time is a bit limited unfortunately. >> >> Best regards, >> >> Bas > > Thanks for testing! > > Manu > >
