tls: Improve validation of certificates if multiple certs are concatenated in one file

[PATCH 0/7] tls: Improve validation of certificates if multiple certs are concatenated in one file

Peter Krempa via Devel posted 7 patches 1 month, 3 weeks ago

Download series mbox

Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/libvirt tags/patchew/cover.1752766013.git.pkrempa@redhat.com

src/rpc/virnettlscert.c    | 94 ++++++++++++--------------------------
src/rpc/virnettlscert.h    |  6 ++-
src/rpc/virnettlscontext.c | 89 +++++++++++++++++-------------------
tools/virt-pki-validate.c  | 20 ++++++--
4 files changed, 90 insertions(+), 119 deletions(-)

Expand all Fold all

[PATCH 0/7] tls: Improve validation of certificates if multiple certs are concatenated in one file

Posted by Peter Krempa via Devel 1 month, 3 weeks ago

Our code handled properly only multiple CA certs in one file. This patch
extends the validation also to multiple client/server certs in one file.

Peter Krempa (7):
  rpc: virnettlscontext: Fix formatting of function definitions
  virNetTLSContextNewPath: Refactor temporary variable usage
  virNetTLSCertCheckPair: Fix function definition formatting
  rpc: virnettlscert: Rename virNetTLSCertLoadCAListFromFile to
    virNetTLSCertLoadListFromFile
  virPKIValidateIdentity: Validate all concatenated certificates
  virNetTLSCertSanityCheck: Validate all concatenated certs
  Remove unused 'virNetTLSCertLoadFromFile'

 src/rpc/virnettlscert.c    | 94 ++++++++++++--------------------------
 src/rpc/virnettlscert.h    |  6 ++-
 src/rpc/virnettlscontext.c | 89 +++++++++++++++++-------------------
 tools/virt-pki-validate.c  | 20 ++++++--
 4 files changed, 90 insertions(+), 119 deletions(-)

-- 
2.50.0