diff options
| author | tobhe <tobhe@cvs.openbsd.org> | 2020-09-23 14:25:56 +0000 |
|---|---|---|
| committer | tobhe <tobhe@cvs.openbsd.org> | 2020-09-23 14:25:56 +0000 |
| commit | 509e52bad9992c3ec9c6c66b370619205e7c9cd7 (patch) | |
| tree | 92e5fb4888f8b5ab751828bc6e48e1813aad501b /sbin/iked/iked.h | |
| parent | c97169c2b1d41deff32cafa7392caf96f421c778 (diff) | |
Add new 'set cert_partial_chain' config option to allow verification of
partial certificate chains if a trusted intermediate CA is found in
/etc/iked/ca/.
ok patrick@
Diffstat (limited to 'sbin/iked/iked.h')
| -rw-r--r-- | sbin/iked/iked.h | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/sbin/iked/iked.h b/sbin/iked/iked.h index 496d80c6e74..4f9d44b4480 100644 --- a/sbin/iked/iked.h +++ b/sbin/iked/iked.h @@ -1,4 +1,4 @@ -/* $OpenBSD: iked.h,v 1.165 2020/09/16 21:37:35 tobhe Exp $ */ +/* $OpenBSD: iked.h,v 1.166 2020/09/23 14:25:55 tobhe Exp $ */ /* * Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de> @@ -756,6 +756,7 @@ struct iked { struct iked_addrpool sc_addrpool; struct iked_addrpool6 sc_addrpool6; + int sc_cert_partial_chain; }; struct iked_socket { @@ -826,6 +827,8 @@ int config_setkeys(struct iked *); int config_getkey(struct iked *, struct imsg *); int config_setstatic(struct iked *); int config_getstatic(struct iked *, struct imsg *); +int config_setcertpartialchain(struct iked *); +int config_getcertpartialchain(struct iked *, struct imsg *); /* policy.c */ void policy_init(struct iked *); |