artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: f385e3b) | patch
Move the keypair pubkey hash handling code to during config.
authorjsing <jsing@openbsd.org>
Sat, 10 Feb 2018 04:57:35 +0000 (04:57 +0000)
committerjsing <jsing@openbsd.org>
Sat, 10 Feb 2018 04:57:35 +0000 (04:57 +0000)
commit2974e8f102cc29542387556e983b4bca35ff8020
tree8411770c319450ce8836f1a20d3405cf28efa92ftree | snapshot
parentf385e3b3c8cc473dedd28375400f112b72ea9b42commit | diff
Move the keypair pubkey hash handling code to during config.

The keypair pubkey hash was being generated and set in the keypair when the
TLS context was being configured. This code should not be messing around
with the keypair contents, since it is part of the config (and not the
context).

Instead, generate the pubkey hash and store it in the keypair when the
certificate is configured. This means that we are guaranteed to have the
pubkey hash and as a side benefit, we identify bad certificate content
when it is provided, instead of during the context configuration.

ok beck@
lib/libtls/tls.c diff | blob | history
lib/libtls/tls_config.c diff | blob | history
lib/libtls/tls_internal.h diff | blob | history
lib/libtls/tls_keypair.c diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim