Re: [libvirt] [PATCH 2/2] Add sanity checking of basic constraints, key purpose & key usage

[Eric Blake]

On 07/19/2011 07:55 AM, Daniel P. Berrange wrote:

Gnutls requires that certificates have basic constraints present
to be used as a CA certificate. OpenSSL doesn't add this data
by default, so add a sanity check to catch this situation. Also
validate that the key usage and key purpose constraints contain
correct data

* src/rpc/virnettlscontext.c: Add sanity checking of certificate
   constraints
---
  src/rpc/virnettlscontext.c |  132 +++++++++++++++++++++++++++++++++++++++++++-
  1 files changed, 130 insertions(+), 2 deletions(-)

ACK.

--
Eric Blake   ebl...@redhat.com    +1-801-349-2682
Libvirt virtualization library http://libvirt.org

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list