mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-27 22:03:31 +01:00
r18747@catbus: nickm | 2008-03-11 13:21:25 -0400
Request client certs when renegotiating on server-side. Spotted by lodger. Bugfix on 0.2.0.x. svn:r13973
This commit is contained in:
parent
2cb7f63c9c
commit
24f91d2876
@ -11,6 +11,8 @@ Changes in version 0.2.1.1-alpha - 2008-??-??
|
||||
events. Caught by mwenge; bugfix on 0.1.2.x.
|
||||
- Fix the SVK version detection logic to work correctly on a branch.
|
||||
Bugfix on 0.2.0.x.
|
||||
- Make sure servers always request certificates from clients during
|
||||
TLS renegotiation. Bugfix on 0.2.0.x.
|
||||
|
||||
o Minor features:
|
||||
- Allow separate log levels to be configured for different logging
|
||||
|
@ -930,7 +930,7 @@ tor_tls_handshake(tor_tls_t *tls)
|
||||
tls->state = TOR_TLS_ST_OPEN;
|
||||
if (tls->isServer) {
|
||||
SSL_set_info_callback(tls->ssl, NULL);
|
||||
SSL_set_verify(tls->ssl, SSL_VERIFY_NONE, always_accept_verify_cb);
|
||||
SSL_set_verify(tls->ssl, SSL_VERIFY_PEER, always_accept_verify_cb);
|
||||
/* There doesn't seem to be a clear OpenSSL API to clear mode flags. */
|
||||
tls->ssl->mode &= ~SSL_MODE_NO_AUTO_CHAIN;
|
||||
#ifdef V2_HANDSHAKE_SERVER
|
||||
|
Loading…
Reference in New Issue
Block a user