mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2024-11-28 18:28:23 -05:00
OpenSSL: Read certificate chain from server_cert file
Currently OpenSSL implementation of TLS in hostapd loads only top certificate in server certificate file. Change this to try to the whole chain first and only if that fails, revert to old behavior. Signed-off-by: Maciej Szmigiero <mhej@o2.pl>
This commit is contained in:
parent
8205c82a48
commit
6589774746
@ -1663,6 +1663,7 @@ static int tls_global_client_cert(SSL_CTX *ssl_ctx, const char *client_cert)
|
||||
|
||||
if (SSL_CTX_use_certificate_file(ssl_ctx, client_cert,
|
||||
SSL_FILETYPE_ASN1) != 1 &&
|
||||
SSL_CTX_use_certificate_chain_file(ssl_ctx, client_cert) != 1 &&
|
||||
SSL_CTX_use_certificate_file(ssl_ctx, client_cert,
|
||||
SSL_FILETYPE_PEM) != 1) {
|
||||
tls_show_errors(MSG_INFO, __func__,
|
||||
|
Loading…
Reference in New Issue
Block a user