Sorry for the delay. This patch fell through the cracks. I saw your
question on IRC. It was before I setup my patchwork  for tracking the
state of patches.
On 10/25/2016 10:13 AM, Daniel Wagner wrote:
On 09/08/2016 02:32 PM, Lichtinger, Bernhard wrote:
> Perhaps you like patches more if they are inline.
> Any comment would be nice, even a "won't apply".
> adds subject_match, altsubject_match, domain_suffix_match,
> they are used for 802.1X aka. enterprise-wpa to check
> the authentication server's certificate in order to
> prevent MITM attacks using a valid certificate issued
> by the same root-CA as configured by CACertFile.
> More details at
From a quick glance it looks good to me. Most of it is internal APIs
anyway, which we can change if needed. The config-format is public API
which means we should at least have some input from the iwd (the yet to
released wireless daemon which should replace wpa_supplicant).
Marcel: do think these matches proposed below make sense for iwd?
From what I can tell, this shouldn't be a problem at all. Can you just
rebase your patch and sent it again?