Simplify certificate list handling code in legacy server. - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	jsing <>	2022-07-03 14:58:00 +0000
committer	jsing <>	2022-07-03 14:58:00 +0000
commit	75b104defc9fec997245749fc919fd66a679c40d (patch)
tree	6210ecab1ffd76ddf1fb9ee395feb4d7bad0129d /src/lib/libcrypto/dsa
parent	1ffc21a41f265a4910719c37b047e1583145350d (diff)
download	openbsd-75b104defc9fec997245749fc919fd66a679c40d.tar.gz openbsd-75b104defc9fec997245749fc919fd66a679c40d.tar.bz2 openbsd-75b104defc9fec997245749fc919fd66a679c40d.zip

Simplify certificate list handling code in legacy server.

A client is required to send an empty list if it does not have a suitable certificate - handle this case up front, rather than going through the normal code path and ending up with an empty certificate list. This matches what we do in the TLSv1.3 stack and will allow for ruther clean up (in addition to making the code more readable). Also tidy up the CBS code and remove some unnecessary length checks. Use 'cert' and 'certs' for certificates, rather than 'x' and 'sk'. ok tb@

Diffstat (limited to 'src/lib/libcrypto/dsa')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: