summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorJeremy Harris <jgh146exb@wizmail.org>2014-08-10 15:00:27 +0100
committerJeremy Harris <jgh146exb@wizmail.org>2014-08-10 15:30:54 +0100
commit401a89359e1fcff59218ae2a05a5e9f3a603d915 (patch)
tree45133d858b3cc407b5d4664a050c5ec5b4e1016d /src
parenta46255cd7d3a5e30068d5ac169545a2c0bd66f9a (diff)
Verifiable conn with DANE-EE(3) / SPKI(1) / SHA2-512(2)
Diffstat (limited to 'src')
-rw-r--r--src/src/dane-openssl.c4
-rw-r--r--src/src/tls-openssl.c4
2 files changed, 4 insertions, 4 deletions
diff --git a/src/src/dane-openssl.c b/src/src/dane-openssl.c
index 4f90caa4a..aab32cabd 100644
--- a/src/src/dane-openssl.c
+++ b/src/src/dane-openssl.c
@@ -859,7 +859,7 @@ X509 *cert = ctx->cert; /* XXX: accessor? */
int matched = 0;
int chain_length = sk_X509_num(ctx->chain);
-DEBUG(D_tls) debug_printf("Dane library verify_chain fn called\n");
+DEBUG(D_tls) debug_printf("Dane verify_chain\n");
issuer_rrs = dane->selectors[SSL_DANE_USAGE_LIMIT_ISSUER];
leaf_rrs = dane->selectors[SSL_DANE_USAGE_LIMIT_LEAF];
@@ -952,7 +952,7 @@ int (*cb)(int, X509_STORE_CTX *) = ctx->verify_cb;
int matched;
X509 *cert = ctx->cert; /* XXX: accessor? */
-DEBUG(D_tls) debug_printf("Dane library verify_cert fn called\n");
+DEBUG(D_tls) debug_printf("Dane verify_cert\n");
if(ssl_idx < 0)
ssl_idx = SSL_get_ex_data_X509_STORE_CTX_idx();
diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c
index 70ac63f16..001403494 100644
--- a/src/src/tls-openssl.c
+++ b/src/src/tls-openssl.c
@@ -1796,8 +1796,8 @@ if (dane)
{
default: /* log bad */ return FAIL;
case 0: mdname = NULL; break;
- case 1: mdname = "SHA2-256"; break;
- case 2: mdname = "SHA2-512"; break;
+ case 1: mdname = "sha256"; break;
+ case 2: mdname = "sha512"; break;
}
switch (DANESSL_add_tlsa(client_ssl,
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-29 19:10:24 +0000