tls: enforce certificate verification - add option to use test certificate in the ca chain - add hostname to extended session endpoint fields and connect api parameters. If hostname is present, certificate validation is enforced. - use /etc/ssl/certs/ca-certificates.crt to bootstrap CA cert. A different path can be provided via startup config Change-Id: I046f9c6ff3ae6a9c2d71220cb62eca8f7b10e5fb Signed-off-by: Florin Coras <fcoras@cisco.com>

commit: 8f89dd01289ea9e97405432d2351a19c842dd6d5 [log] [tgz]
author: Florin Coras <fcoras@cisco.com> Mon Mar 05 16:53:07 2018 -0800
committer: Dave Barach <openvpp@barachs.net> Wed Mar 07 13:27:59 2018 +0000
tree: 67ab5d20f9ebbd34ee8d9fec2dfc3d97297fd0f7
parent: 7139e757b13212f3fd8e3f3f401018375fed0c61 [diff] [blame]
diff --git a/src/vnet/session/application_interface.h b/src/vnet/session/application_interface.h
index 2ab09d6..deddb64 100644
--- a/src/vnet/session/application_interface.h
+++ b/src/vnet/session/application_interface.h

@@ -83,13 +83,11 @@
   union
   {
     char *uri;
-    session_endpoint_t sep;
+    session_endpoint_extended_t sep;
   };
   u32 app_index;
   u32 api_context;
 
-  /* Used for redirects */
-  void *mp;
   session_handle_t session_handle;
 } vnet_connect_args_t;
commit	8f89dd01289ea9e97405432d2351a19c842dd6d5	[log] [tgz]
author	Florin Coras <fcoras@cisco.com>	Mon Mar 05 16:53:07 2018 -0800
committer	Dave Barach <openvpp@barachs.net>	Wed Mar 07 13:27:59 2018 +0000
tree	67ab5d20f9ebbd34ee8d9fec2dfc3d97297fd0f7
parent	7139e757b13212f3fd8e3f3f401018375fed0c61 [diff] [blame]