x509: add parse/print support for IPs in SAN RFC 5280 defines many type of names to be used in the subjectAltName extension of certificate. So far we only supported dNSName, but there is demand for IP addresses too. This is the first step, support for verification will be added in the next commit.

commit: 3ad9437923249489066e18973e20e863981b1f82 [log] [tgz]
author: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Thu Jan 28 10:50:58 2016 +0100
committer: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Fri Jan 29 15:02:41 2016 +0100
tree: 9c6ee28dd5b27df751de3fa5d34f0dc6cd3bc66e
parent: 803183f5fe62b27c54eefec101c0994fcd17557b [diff] [blame]
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index d1db0d8..20eca56 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h

@@ -1319,6 +1319,18 @@
 #define MBEDTLS_X509_RSASSA_PSS_SUPPORT
 
 /**
+ * \def MBEDTLS_X509_SAN_IP_ADDRESS_SUPPORT
+ *
+ * Enable support for IP addresses (IPv4 and IPv6) in subjectAltName in
+ * certificates. This includes parsing, printing with
+ * \c mbedtls_x509_crt_info(), and verification - see the documentation of
+ * \c mbedtls_x509_crt_verify_with_profile()
+ *
+ * Comment this macro to disallow using IP addresses in
+ */
+#define MBEDTLS_X509_SAN_IP_ADDRESS_SUPPORT
+
+/**
  * \def MBEDTLS_ZLIB_SUPPORT
  *
  * If set, the SSL/TLS module uses ZLIB to support compression and
commit	3ad9437923249489066e18973e20e863981b1f82	[log] [tgz]
author	Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	Thu Jan 28 10:50:58 2016 +0100
committer	Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	Fri Jan 29 15:02:41 2016 +0100
tree	9c6ee28dd5b27df751de3fa5d34f0dc6cd3bc66e
parent	803183f5fe62b27c54eefec101c0994fcd17557b [diff] [blame]