diff options
| author | claudio <> | 2017-08-09 21:27:24 +0000 |
|---|---|---|
| committer | claudio <> | 2017-08-09 21:27:24 +0000 |
| commit | b172f94f665e55aa2da726f07d8a751a8f88aed8 (patch) | |
| tree | 3fe6a59e04489e4fff11a15572903b1a13783ae0 /src/lib/libtls/tls_config.c | |
| parent | 728461d1289a45d154875141eb0e954d9a212e34 (diff) | |
| download | openbsd-b172f94f665e55aa2da726f07d8a751a8f88aed8.tar.gz openbsd-b172f94f665e55aa2da726f07d8a751a8f88aed8.tar.bz2 openbsd-b172f94f665e55aa2da726f07d8a751a8f88aed8.zip | |
Don't use tls_cert_hash for the hashing used by the engine offloading magic
for the TLS privsep code. Instead use X509_pubkey_digest() because only the
key should be used as identifier. Relayd is rewriting certificates and then
the hash would change. Rename the hash is struct tls_keypair to pubkey_hash
to make clear what this hash is about.
With input and OK jsing@
Diffstat (limited to 'src/lib/libtls/tls_config.c')
| -rw-r--r-- | src/lib/libtls/tls_config.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/lib/libtls/tls_config.c b/src/lib/libtls/tls_config.c index fe049d1e4e..40374ea220 100644 --- a/src/lib/libtls/tls_config.c +++ b/src/lib/libtls/tls_config.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: tls_config.c,v 1.41 2017/07/06 17:12:22 jsing Exp $ */ | 1 | /* $OpenBSD: tls_config.c,v 1.42 2017/08/09 21:27:24 claudio Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2014 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2014 Joel Sing <jsing@openbsd.org> |
| 4 | * | 4 | * |
| @@ -141,7 +141,7 @@ tls_keypair_free(struct tls_keypair *keypair) | |||
| 141 | free(keypair->cert_mem); | 141 | free(keypair->cert_mem); |
| 142 | free(keypair->key_mem); | 142 | free(keypair->key_mem); |
| 143 | free(keypair->ocsp_staple); | 143 | free(keypair->ocsp_staple); |
| 144 | free(keypair->cert_hash); | 144 | free(keypair->pubkey_hash); |
| 145 | 145 | ||
| 146 | free(keypair); | 146 | free(keypair); |
| 147 | } | 147 | } |