Add peer certificate alt subject name information to EAP events

A new "CTRL-EVENT-EAP-PEER-ALT depth=<i> <alt name>" event is now used
to provide information about server certificate chain alternative
subject names for upper layers, e.g., to make it easier to configure
constraints on the server certificate. For example:
CTRL-EVENT-EAP-PEER-ALT depth=0 DNS:server.example.com

Currently, this includes DNS, EMAIL, and URI components from the
certificates. Similar information is provided to D-Bus Certification
signal in the new altsubject argument which is a string array of these
items.

Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen 2015-01-14 13:29:40 +02:00
parent 98a4cd447e
commit d07d3fbda2
13 changed files with 96 additions and 10 deletions

@ -792,7 +792,7 @@ fi.w1.wpa_supplicant1.CreateInterface.
<h4>Arguments</h4>
<dl>
<dt>a{sv} : parameters</dt>
<dd>A dictionary with pairs of field names and their values. Possible dictionary keys are: "depth", "subject", "cert_hash", "cert".</dd>
<dd>A dictionary with pairs of field names and their values. Possible dictionary keys are: "depth", "subject", "altsubject", "cert_hash", "cert".</dd>
</dl>
</li>
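Review bot: the updated <dd> adds "altsubject" to the list of dictionary keys but documents neither its type nor the format of its values, while the commit message describes it as a string array of items such as DNS:server.example.com. Suggest stating in this <dd> that altsubject is an array of strings and that each entry carries a DNS, EMAIL or URI prefix, so that D-Bus consumers using it to configure server certificate constraints know how to parse it. The sibling keys have the same gap (no types given for "depth", "subject", "cert_hash", "cert"), so a short per-key list would fit better than a single sentence.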