Hi again,
Checking in again to see if there's any appetite for this.
Best,
Ashe
On Thu, Oct 15, 2020, at 5:52 PM, Ashe Connor wrote:
> Hi there,
>
> A year or two ago I submitted a patch for adding TLS client certificate
> validation to relayd. At the time it didn't make
Hi there,
A year or two ago I submitted a patch for adding TLS client certificate
validation to relayd. At the time it didn't make it in, and I stopped pursuing
it further. (https://marc.info/?l=openbsd-tech=154509330608643=2)
I'd still like to see this landed, if at all possible. I'm
On 18 Dec 2018, at 11:34, Ashe Connor wrote:
> Revised patch follows (includes mandoc changes).
Last bump.
Happy new year!
On Fri, Dec 14, 2018 at 10:58:06AM +0100, Sebastian Benoit wrote:
> The parse and config bits look good.
>
> And the use of tls* looks ok to me too, but I would like to have someone
> more familiar with it to give an ok though.
Sounds good.
> As for style, please make lines not longer than 80
> On 6 Dec 2018, at 16:17, Ashe Connor wrote:
>
> It's been a week or so, so bumping. (Benno was kind enough to offer a
> review but was time-poor recently.)
Another friendly ping. I'd love to do some more work on relayd but only if
it's desirable/worth someone's time to rev
On Thu, Dec 06, 2018 at 12:46:33PM +, Rivo Nurges wrote:
> I have planned to do it myself for quite long time but never got around
> doing it. In my testing it works great.
Excellent, I'm glad to hear!
> I have patch on top of this which allows to pass remote certificate
> and/or parts of
It's been a week or so, so bumping. (Benno was kind enough to offer a
review but was time-poor recently.)
Here's a diff for the manpage too.
Ashe
Index: usr.sbin/relayd/relayd.conf.5
===
RCS file:
On Mon, Nov 26, 2018 at 04:29:40PM +1100, Ashe Connor wrote:
> Wonderful. Here's a first pass at such a patch.
I should add, in addition to the regression test passing, I'm currently
test-running this patch on a live server where client certificates are
mandatory, and it's working well so far.
On Fri, Nov 23, 2018 at 04:41:21PM +0100, Sebastian Benoit wrote:
> > It appears that relayd doesn't support TLS client certificate validation
> > (in the manner that httpd does with "tls client ca [cafile]"). Would
> > there be interest in a patch that added such support?
>
> yes, a patch to
Hi all,
It appears that relayd doesn't support TLS client certificate validation
(in the manner that httpd does with "tls client ca [cafile]"). Would
there be interest in a patch that added such support?
Apologies if I've missed something obvious here.
Best,
Ashe
10 matches
Mail list logo