From: Selva Nair
Currently when the certificate is specified as "SUBJ:foo", the
string foo is assumed to be ascii. Change that and interpret
it as utf-8, convert to a wide string, and flag it as unicode
Signed-off-by: Selva Nair
From: Selva Nair
Have the cryptoapicert option find the first matching certificate
in store that is valid at the present time. Currently the first
found item, even if expired, is returned.
This makes it possible to update certifiates in store without having
to delete old
This one applies cleanly on top of master.
On Mon, Apr 2, 2018 at 7:44 AM, Steffan Karger wrote:
> Check the return values of management_query_cert() and
> tls_ctx_use_external_private_key(), and error out with a more descriptive
> error message. To do so, we make the
On 02-04-18 16:58, Selva Nair wrote:
> On Mon, Apr 2, 2018 at 8:37 AM, Steffan Karger wrote:
>> Also, this looks like a somewhat unrelated fix. I would have personally
>> preferred it in a separate patch (so we can e.g. backport it easily even
>> if we decide not not
On 06-02-18 06:53, Selva Nair wrote:
> On Mon, Feb 5, 2018 at 7:52 PM, Jonathan K. Bullard
>> Hi, I'd like to reopen this patch -- it seems to have gotten lost.
>> The patch is so old the line numbers are wrong but the code doesn't
>> seem to have changed.
One comment based on stare-at-code only:
On 12-03-18 02:17, selva.n...@gmail.com wrote:
> @@ -636,6 +640,8 @@ find_certificate_in_store(const char *cert_prop,
> HCERTSTORE cert_store)
> if (!*++p) /* unexpected end of string */
On 9 March 2018 at 04:38, Selva Nair wrote:
> I wanted to give this a quick test, but it doesn't apply.
> It seems you have patch 116 (Antonio's "inline-tag changed to bool"
> patch) in your local repo.
Oops, you're right - this was based on top of my local working
Check the return values of management_query_cert() and
tls_ctx_use_external_private_key(), and error out with a more descriptive
error message. To do so, we make the openssl-backed implementation of
tls_ctx_use_external_private_key() not throw fatal error anymore.
(And fix line wrapping while
I certainly don’t disagree with you.
However I think I’ve taken up enough bandwidth over this topic on
Openvpn-devel. Thank you all.
> On Apr 1, 2018, at 7:20 PM, Antonio Quartulli wrote:
>> On 02/04/18 10:12, Marvin Adeff wrote:
>> Even on the internet