git.openwrt.org Git - openwrt/staging/stintel.git/commit

author	Sergey V. Lobanov <sergey@lobanov.in>
	Fri, 24 Dec 2021 23:05:35 +0000 (02:05 +0300)
committer	Christian Lamparter <chunkeey@gmail.com>
	Wed, 29 Dec 2021 21:55:16 +0000 (22:55 +0100)
commit	6bfc8bb4a37903bd1d3bb7e7824d89f3a2cca6a1
tree	9b0e2b3623854117e02e995108bcfad8fe40c9a8	tree \| snapshot
parent	dfd695f4b9f364a7c7db646d2cada10fdf304f02	commit \| diff

utils/px5g-wolfssl: make selfsigned certicates compatible with chromium

Chromium based web-browsers (version >58) checks x509v3 extended attributes.
If this check fails then chromium does not allow to click "Proceed to ...
(unsafe)" link. This patch add three x509v3 extended attributes to self-signed
certificate:
1. SAN (Subject Alternative Name) (DNS Name) = CN (common name)
2. Key Usage = Digital Signature, Non Repudiation, Key Encipherment
3. Extended Key Usage = TLS Web Server Authentication

SAN will be added only if CONFIG_WOLFSSL_ALT_NAMES=y

Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>

package/utils/px5g-wolfssl/Makefile		diff \| blob \| history
package/utils/px5g-wolfssl/px5g-wolfssl.c		diff \| blob \| history