tunnelkit/Sources/CTunnelKitOpenVPNProtocol/include
Davide De Rosa 9c63b856cb
Verify CA from on-disk file (#237)
* Verify CA from on-disk file

Revert part of #213 again, because `SSL_CTX_load_verify_locations`
is just more reliable at setting up the trust store.

It looks like it's able to reference the .pem multiple times in
those cases where the root issuer of the CA is also embedded in
the file (which is the case with e.g. Let's Encrypt).

This is better than the current implementation, and I couldn't
easily find a way to do the same in-memory. I'd rather use the
standard API here.

See 7a85d3cac7
2021-11-27 12:32:30 +01:00
..
ControlPacket.h Increase components granularity 2021-11-11 15:18:03 +01:00
Crypto.h Increase components granularity 2021-11-11 15:18:03 +01:00
CryptoAEAD.h Increase components granularity 2021-11-11 15:18:03 +01:00
CryptoBox.h Increase components granularity 2021-11-11 15:18:03 +01:00
CryptoCBC.h Increase components granularity 2021-11-11 15:18:03 +01:00
CryptoCTR.h Increase components granularity 2021-11-11 15:18:03 +01:00
CryptoMacros.h Move TunnelKit errors specific to OpenVPN 2021-11-23 19:17:43 +01:00
DataPath.h Increase components granularity 2021-11-11 15:18:03 +01:00
DataPathCrypto.h Increase components granularity 2021-11-11 15:18:03 +01:00
MSS.h Increase components granularity 2021-11-11 15:18:03 +01:00
PacketMacros.h Increase components granularity 2021-11-11 15:18:03 +01:00
PacketStream.h Increase components granularity 2021-11-11 15:18:03 +01:00
ReplayProtector.h Increase components granularity 2021-11-11 15:18:03 +01:00
TLSBox.h Verify CA from on-disk file (#237) 2021-11-27 12:32:30 +01:00