aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon/encoding/payloads/proposal_substructure.c
diff options
context:
space:
mode:
authorTobias Brunner <tobias@strongswan.org>2015-08-03 13:55:36 +0200
committerTobias Brunner <tobias@strongswan.org>2015-08-17 14:04:19 +0200
commit774c8c38471da95725e7dcad17fad6c7d1edb2ab (patch)
tree109ad3f8380f1869b8128762fd5c793ce49b66ab /src/libcharon/encoding/payloads/proposal_substructure.c
parent9322e5b398efcf0a6f3bf576ef4b4b12b5ae6528 (diff)
downloadstrongswan-774c8c38471da95725e7dcad17fad6c7d1edb2ab.tar.bz2
strongswan-774c8c38471da95725e7dcad17fad6c7d1edb2ab.tar.xz
auth-cfg: Matching one CA should be enough, similar to peer certificates
Not sure if defining multiple CA constraints and enforcing _all_ of them, i.e. the previous behavior, makes even sense. To ensure a very specific chain it should be enough to define the last intermediate CA. On the other hand, the ability to define multiple CAs could simplify configuration. This can currently only be used with swanctl/VICI based configs as `rightca` only takes a single DN.
Diffstat (limited to 'src/libcharon/encoding/payloads/proposal_substructure.c')
0 files changed, 0 insertions, 0 deletions
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-26 03:05:10 +0000