commit 8f89dd01289ea9e97405432d2351a19c842dd6d5
author Florin Coras <fcoras@cisco.com> Mon Mar 05 16:53:07 2018 -0800
committer Dave Barach <openvpp@barachs.net> Wed Mar 07 13:27:59 2018 +0000
tree 67ab5d20f9ebbd34ee8d9fec2dfc3d97297fd0f7
parent 7139e757b13212f3fd8e3f3f401018375fed0c61

tls: enforce certificate verification

- add option to use test certificate in the ca chain
- add hostname to extended session endpoint fields and connect api
  parameters. If hostname is present, certificate validation is
  enforced.
- use /etc/ssl/certs/ca-certificates.crt to bootstrap CA cert. A
  different path can be provided via startup config

Change-Id: I046f9c6ff3ae6a9c2d71220cb62eca8f7b10e5fb
Signed-off-by: Florin Coras <fcoras@cisco.com>

src/vnet/session/session.c

diff --git a/src/vnet/session/session.c b/src/vnet/session/session.c
index 09e3ded..d4220d4 100644
--- a/src/vnet/session/session.c
+++ b/src/vnet/session/session.c
@@ -878,12 +878,11 @@
 int
 session_open_app (u32 app_index, session_endpoint_t * rmt, u32 opaque)
 {
-  session_endpoint_extended_t sep;
-  clib_memcpy (&sep, rmt, sizeof (*rmt));
-  sep.app_index = app_index;
-  sep.opaque = opaque;
+  session_endpoint_extended_t *sep = (session_endpoint_extended_t *) rmt;
+  sep->app_index = app_index;
+  sep->opaque = opaque;
 
-  return tp_vfts[rmt->transport_proto].open ((transport_endpoint_t *) & sep);
+  return tp_vfts[rmt->transport_proto].open ((transport_endpoint_t *) sep);
 }
 
 typedef int (*session_open_service_fn) (u32, session_endpoint_t *, u32);