]> git.ipfire.org Git - thirdparty/freeradius-server.git/commitdiff
projects / thirdparty / freeradius-server.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: fa4825f)
If we have DER decoded certs pass them to verify certificate
authorNick Porter <nick@portercomputing.co.uk>
Fri, 23 Jan 2026 09:13:03 +0000 (09:13 +0000)
committerNick Porter <nick@portercomputing.co.uk>
Fri, 23 Jan 2026 09:14:16 +0000 (09:14 +0000)
src/lib/tls/verify.c patch | blob | blame | history

diff --git a/src/lib/tls/verify.c b/src/lib/tls/verify.c
index a5dd8a1f5dcb78b09f127b963b424dc1e511f9d8..48833cba69963051c57a195e81e649d0eddbd2fc 100644 (file)
--- a/src/lib/tls/verify.c
+++ b/src/lib/tls/verify.c
@@ -486,6 +486,11 @@ static unlang_action_t tls_verify_client_cert_push(request_t *request, fr_tls_se
        while ((vp = fr_pair_find_by_da(&request->parent->session_state_pairs, vp, attr_tls_certificate))) {
                fr_pair_append(&request->session_state_pairs, fr_pair_copy(request->session_state_ctx, vp));
        }
+       if (conf->verify.der_decode) {
+               while ((vp = fr_pair_find_by_da(&request->parent->session_state_pairs, vp, attr_der_certificate))) {
+                       fr_pair_append(&request->session_state_pairs, fr_pair_copy(request->session_state_ctx, vp));
+               }
+       }
 
        MEM(pair_append_request(&vp, attr_tls_session_resumed) >= 0);
        vp->vp_bool = tls_session->validate.resumed;
Mirror of https://github.com/FreeRADIUS/freeradius-server.git