On Sun, 2016-04-24 at 22:50 -0700, Kevin Cernekee wrote: > > -???????key_is_sys = !strncmp(vpninfo->sslkey, "system:", 7); > -???????cert_is_sys = !strncmp(vpninfo->cert, "system:", 7); > +???????key_is_sys = !strncmp(vpninfo->sslkey, "system:", 7) || > +??????????????????? !strncmp(vpninfo->sslkey, "app:", 4); > +???????cert_is_sys = !strncmp(vpninfo->cert, "system:", 7) || > +???????????????????? !strncmp(vpninfo->cert, "app:", 4); On further reflection... rather than hard-coding knowledge of which things GnuTLS might or might not recognise, can we please have an API to *ask* it? -- dwmw2 -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 5760 bytes Desc: not available URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20160504/027abcfb/attachment.bin>
