Displaying 2 results from an estimated 2 matches for "want_cert".
2015 Feb 19
2
Proposal: Allow HostKeyAlias to be used in hostname check against certificate principal.
Howdy --
I have a number of servers with host keys validated by certificates.
These systems are behind a load-balanced frontend, and the
certificates are signed as valid for the DNS name used by that common
frontend address.
This works well for the primary use case of the systems; however, when
wishing to address only a single unit within the pool, the certificate
cannot be used to validate that
2012 Dec 27
3
[PATCH] hostfile: list known names (if any) for new hostkeys
...ort,
Key *raw_key = NULL;
char *ip = NULL, *host = NULL;
char hostline[1000], *hostp, *fp, *ra;
- char msg[1024];
+ char msg[2048];
const char *type;
const struct hostkey_entry *host_found, *ip_found;
int len, cancelled_forwarding = 0;
int local = sockaddr_is_local(hostaddr);
int r, want_cert = key_is_cert(host_key), host_ip_differ = 0;
- struct hostkeys *host_hostkeys, *ip_hostkeys;
+ struct hostkeys *host_hostkeys, *ip_hostkeys, *key_hostkeys = NULL;
u_int i;
/*
@@ -758,17 +758,17 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port,
host_hostkeys = init...