[PATCH] Load "app:" keys by URL
Nikos Mavrogiannopoulos
nmav at gnutls.org
Wed May 4 08:20:46 PDT 2016
On Wed, May 4, 2016 at 1:23 PM, David Woodhouse <dwmw2 at infradead.org> wrote:
> On Sun, 2016-04-24 at 22:50 -0700, Kevin Cernekee wrote:
>>
>> - key_is_sys = !strncmp(vpninfo->sslkey, "system:", 7);
>> - cert_is_sys = !strncmp(vpninfo->cert, "system:", 7);
>> + key_is_sys = !strncmp(vpninfo->sslkey, "system:", 7) ||
>> + !strncmp(vpninfo->sslkey, "app:", 4);
>> + cert_is_sys = !strncmp(vpninfo->cert, "system:", 7) ||
>> + !strncmp(vpninfo->cert, "app:", 4);
> On further reflection... rather than hard-coding knowledge of which
> things GnuTLS might or might not recognise, can we please have an API
> to *ask* it?
That is already there. Check gnutls_url_is_supported().
regards,
Nikos
More information about the openconnect-devel
mailing list