DGNum/hostapd
6
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

TLS client: Multi-OCSP check to cover intermediate CAs

Browse source 
This extends multi-OCSP support to verify status for intermediate CAs in
the server certificate chain.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
Jouni Malinen 2015-12-23 00:00:13 +02:00 committed by Jouni Malinen
parent d6b536f7e5
commit 0764dd6849
5 changed files with 81 additions and 22 deletions
Download patch file Download diff file Expand all files Collapse all files

6
src/crypto/tls_internal.c
View file

@ -200,12 +200,6 @@ int tls_connection_set_params(void *tls_ctx, struct tls_connection *conn,
if (conn->client == NULL)
return -1;
if (params->flags & TLS_CONN_REQUIRE_OCSP_ALL) {
wpa_printf(MSG_INFO,
"TLS: ocsp=3 not supported");
return -1;
}
if (params->flags & TLS_CONN_EXT_CERT_CHECK) {
wpa_printf(MSG_INFO,
"TLS: tls_ext_cert_check=1 not supported");