summaryrefslogtreecommitdiff
path: root/src/lib/libtls/tls_keypair.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Limit tls_config_clear_keys() to only clearing private keys.jsing2018-04-181-2/+2
| | | | | | | | This was inadvertently clearing the keypair, which includes the OCSP staple and pubkey hash - if an application called tls_configure() followed by tls_config_clear_keys(), this would prevent OCSP staples from working. ok beck@
* Move the keypair pubkey hash handling code to during config.jsing2018-02-101-47/+46
| | | | | | | | | | | | | | The keypair pubkey hash was being generated and set in the keypair when the TLS context was being configured. This code should not be messing around with the keypair contents, since it is part of the config (and not the context). Instead, generate the pubkey hash and store it in the keypair when the certificate is configured. This means that we are guaranteed to have the pubkey hash and as a side benefit, we identify bad certificate content when it is provided, instead of during the context configuration. ok beck@
* Have tls_keypair_pubkey_hash() call tls_keypair_load_cert() instead ofjsing2018-02-081-10/+5
| | | | | rolling its own certificate loading. This also means we get better error reporting on failure.
* Ensure that tls_keypair_clear() clears the OCSP staple and pubkey hash.jsing2018-02-081-6/+5
|
* Move tls_keypair_pubkey_hash() to the keypair file.jsing2018-02-081-1/+40
|
* Split keypair handling out into its own file - it had already appearedjsing2018-02-081-0/+146
in multiple locations. ok beck@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-17 02:19:04 +0000