If the client provides a TLS certificate and the user specifies a - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	bluhm <>	2020-01-07 17:36:04 +0000
committer	bluhm <>	2020-01-07 17:36:04 +0000
commit	1141f885583b175ef90db0a4a8118118946b803b (patch)
tree	342a1c3e2994083f59d67bc7c58aa52b131ec65f /src/lib
parent	2742398e709c477a05b8c4178bcb8f68184c4699 (diff)
download	openbsd-1141f885583b175ef90db0a4a8118118946b803b.tar.gz openbsd-1141f885583b175ef90db0a4a8118118946b803b.tar.bz2 openbsd-1141f885583b175ef90db0a4a8118118946b803b.zip

If the client provides a TLS certificate and the user specifies a

hash value on the nc(1) server command line, the netcat server must use the TLS context of the accepted socket for verification. As the listening socket was used instead, the verification was always successful. If the peer provides a certificate, there must be a hash. Make the hash verification fail safe. OK tb@

Diffstat (limited to 'src/lib')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: