diff options
Diffstat (limited to 'conf')
| -rw-r--r-- | conf/Makefile.am | 1 | ||||
| -rw-r--r-- | conf/plugins/addrblock.opt | 8 |
2 files changed, 9 insertions, 0 deletions
diff --git a/conf/Makefile.am b/conf/Makefile.am index 80fa31e73..41912c43a 100644 --- a/conf/Makefile.am +++ b/conf/Makefile.am @@ -28,6 +28,7 @@ options = \ options/tnc.opt plugins = \ + plugins/addrblock.opt \ plugins/android_log.opt \ plugins/attr.opt \ plugins/attr-sql.opt \ diff --git a/conf/plugins/addrblock.opt b/conf/plugins/addrblock.opt new file mode 100644 index 000000000..e35e4c5ad --- /dev/null +++ b/conf/plugins/addrblock.opt @@ -0,0 +1,8 @@ +charon.plugins.addrblock.strict = yes + Whether to strictly require addrblock extension in subject certificates. + + If set to yes, a subject certificate without an addrblock extension is + rejected if the issuer certificate has such an addrblock extension. If set + to no, subject certificates issued without the addrblock extension are + accepted without any traffic selector checks and no policy is enforced + by the plugin. |