xCAT/xNBA
2
0
Fork 0
mirror of https://github.com/xcat2/xNBA.git synced 2024-11-21 17:11:46 +00:00
Code Issues Projects Releases Wiki Activity
xCAT Network Boot Agent
4,587 Commits 4 Branches 0 Tags 13 MiB
C 94.5%
Objective-C 2.1%
Assembly 1.3%
Perl 0.9%
Makefile 0.4%
Other 0.7%
d1ad215231
Go to file
Jarrod Johnson d1ad215231 Handle OCSP responses that don't provide certificates 
From 9f2bbf20533a6c006820c5b03be6f3a93e8b3e99 Mon Sep 17 00:00:00 2001
From: Alexander Chernyakhovsky <achernya@google.com>
Date: Tue, 15 Oct 2013 16:03:11 -0400
Subject: [PATCH 4/4] Handle OCSP responses that don't provide certificates

Certificate authorities are not required to send the certificate used
to sign the OCSP response under some scenarios, namely in the case
when the certificate is the same as the one that did the original
issue. The iPXE code previously assumed that such cases did not exist,
and valid OCSP responses were dropped.  Change these semantics by
attempting to validate with the original issuer if no specific signing
certificate was provided.
---
 src/crypto/ocsp.c | 9 ++++++++-
  1 file changed, 8 insertions(+), 1 deletion(-)
2014-03-14 13:57:31 -04:00
contrib [errdb] Strip platform error code for non-platform-generated errors 2013-04-29 15:36:32 +01:00
src Handle OCSP responses that don't provide certificates 2014-03-14 13:57:31 -04:00
COPYING Initial revision 2005-05-17 16:44:57 +00:00
COPYRIGHTS [build] Rename gPXE to iPXE 2010-04-19 23:43:39 +01:00
README [doc] Re-add README file 2010-05-28 00:03:47 +01:00

README 

iPXE README File

Quick start guide:

   cd src
   make

For any more detailed instructions, see http://ipxe.org