From 13e731b78e8d00468f21c9b0d0d88ecb3aaba665 Mon Sep 17 00:00:00 2001
From: Hannes Mehnert <hannes@mehnert.org>
Date: Mon, 11 Nov 2019 22:30:53 +0100
Subject: [PATCH] albatross tls: re-allow root in leaf certificate (i.e. root)
 to fix log and info commands via tls

this is an interaction of 057dbbf14700699f4fd6a193c35084835918c5eb (allow multiple labels in leaf certificates) and a579a8e1434150915eb65acf3f73ae10a525e54f (print root as "." instead of "")
---
 client/albatross_client_bistro.ml | 2 +-
 tls/vmm_tls.ml                    | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/client/albatross_client_bistro.ml b/client/albatross_client_bistro.ml
index b8ba4b6..691c295 100644
--- a/client/albatross_client_bistro.ml
+++ b/client/albatross_client_bistro.ml
@@ -9,7 +9,7 @@ let read fd =
   let rec loop () =
     Vmm_tls_lwt.read_tls fd >>= function
     | Error `Eof ->
-      Logs.warn (fun m -> m "eof from server");
+      Logs.debug (fun m -> m "eof from server");
       Lwt.return (Ok ())
     | Error _ -> Lwt.return (Error (`Msg ("read failure")))
     | Ok wire ->
diff --git a/tls/vmm_tls.ml b/tls/vmm_tls.ml
index 09ab5ef..f065927 100644
--- a/tls/vmm_tls.ml
+++ b/tls/vmm_tls.ml
@@ -80,7 +80,7 @@ let handle chain =
   name rest >>= fun name' ->
   (* and subject common name of leaf certificate -- allowing dots in CN -- as postfix *)
   (cert_name leaf >>= function
-    | None -> Ok name'
+    | None | Some "." -> Ok name'
     | Some x ->
       Vmm_core.Name.of_string x >>| fun post ->
       Vmm_core.Name.concat name' post) >>= fun name ->