ssld: we only will continue supporting one fingerprint method at a time
This commit is contained in:
parent
fced7b416b
commit
772c95cc7a
2 changed files with 5 additions and 7 deletions
|
@ -389,7 +389,7 @@ ssl_process_certfp(ssl_ctl_t * ctl, ssl_ctl_buf_t * ctl_buf)
|
|||
char *certfp_string;
|
||||
int i;
|
||||
|
||||
if(ctl_buf->buflen != 5 + RB_SSL_CERTFP_LEN)
|
||||
if(ctl_buf->buflen > 5 + RB_SSL_CERTFP_LEN)
|
||||
return; /* bogus message..drop it.. XXX should warn here */
|
||||
|
||||
fd = buf_to_int32(&ctl_buf->buf[1]);
|
||||
|
|
10
ssld/ssld.c
10
ssld/ssld.c
|
@ -668,14 +668,13 @@ ssl_process_accept_cb(rb_fde_t *F, int status, struct sockaddr *addr, rb_socklen
|
|||
|
||||
if(status == RB_OK)
|
||||
{
|
||||
int len = rb_get_ssl_certfp(F, &buf[9], certfp_method);
|
||||
int len = rb_get_ssl_certfp(F, &buf[5], certfp_method);
|
||||
if(len)
|
||||
{
|
||||
lrb_assert(len <= RB_SSL_CERTFP_LEN);
|
||||
buf[0] = 'F';
|
||||
int32_to_buf(&buf[1], conn->id);
|
||||
int32_to_buf(&buf[5], certfp_method);
|
||||
mod_cmd_write_queue(conn->ctl, buf, 9 + len);
|
||||
mod_cmd_write_queue(conn->ctl, buf, 5 + len);
|
||||
}
|
||||
conn_mod_read_cb(conn->mod_fd, conn);
|
||||
conn_plain_read_cb(conn->plain_fd, conn);
|
||||
|
@ -694,14 +693,13 @@ ssl_process_connect_cb(rb_fde_t *F, int status, void *data)
|
|||
|
||||
if(status == RB_OK)
|
||||
{
|
||||
int len = rb_get_ssl_certfp(F, &buf[9], certfp_method);
|
||||
int len = rb_get_ssl_certfp(F, &buf[5], certfp_method);
|
||||
if(len)
|
||||
{
|
||||
lrb_assert(len <= RB_SSL_CERTFP_LEN);
|
||||
buf[0] = 'F';
|
||||
int32_to_buf(&buf[1], conn->id);
|
||||
int32_to_buf(&buf[5], certfp_method);
|
||||
mod_cmd_write_queue(conn->ctl, buf, 9 + len);
|
||||
mod_cmd_write_queue(conn->ctl, buf, 5 + len);
|
||||
}
|
||||
conn_mod_read_cb(conn->mod_fd, conn);
|
||||
conn_plain_read_cb(conn->plain_fd, conn);
|
||||
|
|
Loading…
Reference in a new issue