artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 3ddf1e5) | patch
Remove an ugly hack in the client certificate verification code that works
authortb <tb@openbsd.org>
Fri, 7 Dec 2018 07:22:09 +0000 (07:22 +0000)
committertb <tb@openbsd.org>
Fri, 7 Dec 2018 07:22:09 +0000 (07:22 +0000)
commit3ad5c2732db30cb6300d0bfce7c7d6fa1c8f6122
tree14709a781df8442031e6727f5c9b06f769ad1281tree | snapshot
parent3ddf1e5e4bb5b78d64ca7d1c1ae83902fb96ddc8commit | diff
Remove an ugly hack in the client certificate verification code that works
around broken GOST implementations.  It looks like client certificates with
GOST have been completely broken since reimport of the GOST code, so no-one
is using LibreSSL this way.  The client side was fixed only last week for
TLSv1.0 and TLSv1.1.  This workaround is now in the way of much needed
simplifcation and cleanup, so it is time for it to go.

suggested by and ok jsing
lib/libssl/ssl_srvr.c diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim