From: Selva Nair
Currently when the certificate is specified as "SUBJ:foo", the
string foo is assumed to be ascii. Change that and interpret
it as utf-8, convert to a wide string, and flag it as unicode
in CertFindCertifcateInStore().
Signed-off-by: Selva Nair
---
v2: rebased to v2 1/2 -- no co
From: Selva Nair
Have the cryptoapicert option find the first matching certificate
in store that is valid at the present time. Currently the first
found item, even if expired, is returned.
This makes it possible to update certifiates in store without having
to delete old ones. As a side effect,
Hi,
This one applies cleanly on top of master.
On Mon, Apr 2, 2018 at 7:44 AM, Steffan Karger wrote:
>
> Check the return values of management_query_cert() and
> tls_ctx_use_external_private_key(), and error out with a more descriptive
> error message. To do so, we make the openssl-backed imple
Hi,
On 02-04-18 16:58, Selva Nair wrote:
> On Mon, Apr 2, 2018 at 8:37 AM, Steffan Karger wrote:
>> Also, this looks like a somewhat unrelated fix. I would have personally
>> preferred it in a separate patch (so we can e.g. backport it easily even
>> if we decide not not backport the functional
Hi,
Thanks for looking at this.
On Mon, Apr 2, 2018 at 8:37 AM, Steffan Karger wrote:
>
> Hi,
>
> One comment based on stare-at-code only:
>
> On 12-03-18 02:17, selva.n...@gmail.com wrote:
> > @@ -636,6 +640,8 @@ find_certificate_in_store(const char *cert_prop,
> > HCERTSTORE cert_store)
> >
Hi,
On 06-02-18 06:53, Selva Nair wrote:
> On Mon, Feb 5, 2018 at 7:52 PM, Jonathan K. Bullard
> wrote:
>> Hi, I'd like to reopen this patch -- it seems to have gotten lost.
>>
>> The patch is so old the line numbers are wrong but the code doesn't
>> seem to have changed.
>>
>> I'm top-posting b
Hi,
One comment based on stare-at-code only:
On 12-03-18 02:17, selva.n...@gmail.com wrote:
> @@ -636,6 +640,8 @@ find_certificate_in_store(const char *cert_prop,
> HCERTSTORE cert_store)
> }
> if (!*++p) /* unexpected end of string */
> {
> +
Hi,
On 9 March 2018 at 04:38, Selva Nair wrote:
> I wanted to give this a quick test, but it doesn't apply.
>
> It seems you have patch 116 (Antonio's "inline-tag changed to bool"
> patch) in your local repo.
Oops, you're right - this was based on top of my local working branch,
which indeed inc
Check the return values of management_query_cert() and
tls_ctx_use_external_private_key(), and error out with a more descriptive
error message. To do so, we make the openssl-backed implementation of
tls_ctx_use_external_private_key() not throw fatal error anymore.
(And fix line wrapping while tou