Changes committed to git://oss.sgi.com/pcp/pcp.git nssmerge
qa/712 | 8 +++-
qa/712.out | 2 -
src/include/pcp/impl.h | 2 -
src/libpcp/src/auxconnect.c | 75 +++++++++++++++++++++++++++++++++++++++++---
src/libpcp/src/connect.c | 12 ++++---
5 files changed, 85 insertions(+), 14 deletions(-)
commit c8f063df02c618e67540eb5d95e01ff2e396348c
Author: Nathan Scott <nathans@xxxxxxxxxx>
Date: Wed Jan 9 15:10:40 2013 +1100
Improvements around host name handling with SSL certificates
Adds a "bad certificate handler" into libpcp client side SSL
connections, so that failures due to mismatching server DNS
names can result in a verbose warning listing all alternative
names. Additionally, now correctly calling into the setURL
SSL API at the appropriate place, which involved a little bit
of refactoring to ensure the hostname was available (rather
than everything dealing with the socket fd only).
Test 712 is updated to use certificates with an alternative
DNS name for kicks, to resolve some permissions issues with
the system-wide certificate DBs it creates, and to filter out
explicit hostnames from the .out file.
|