Re: syslogd TLS verify

2015-01-25 Thread Alexander Bluhm
On Sat, Jan 24, 2015 at 07:05:43PM -0500, Ted Unangst wrote:
> I think it would be better to do as ftp(1) does and have one
> command line option that sets all the options, instead of exploding
> getopt() with every possibility.

I have copied the -S ssl_options from ftp(1) except CA path, which do

Re: syslogd TLS verify

2015-01-24 Thread Ted Unangst
On Sat, Jan 24, 2015 at 20:40, Alexander Bluhm wrote:
> On Thu, Jan 22, 2015 at 12:54:46AM +0100, Alexander Bluhm wrote:
>> With this diff, syslogd verifies the x509 certificate of the TLS
>> server before sending any messages to it.
>>
>> Note that you also need Reyk's extensions to libtls and lib

Re: syslogd TLS verify

2015-01-24 Thread Alexander Bluhm
On Thu, Jan 22, 2015 at 12:54:46AM +0100, Alexander Bluhm wrote:
> With this diff, syslogd verifies the x509 certificate of the TLS
> server before sending any messages to it.
>
> Note that you also need Reyk's extensions to libtls and libssl to
> use the CA file with privsep. So I will not commi

syslogd TLS verify

2015-01-21 Thread Alexander Bluhm
Hi,

With this diff, syslogd verifies the x509 certificate of the TLS server before sending any messages to it.

Note that you also need Reyk's extensions to libtls and libssl to use the CA file with privsep. So I will not commit before Reyk.

ok?

bluhm

Index: usr.sbin/syslogd/syslogd.c