Stop checking key-cert match systematically
This commit is contained in:
parent
751286be39
commit
f427f8854a
2 changed files with 5 additions and 3 deletions
|
@ -27,6 +27,8 @@ Bugfix
|
||||||
* Fix potential memory leak in ssl_set_psk() (found by Mansour Moufid).
|
* Fix potential memory leak in ssl_set_psk() (found by Mansour Moufid).
|
||||||
|
|
||||||
Changes
|
Changes
|
||||||
|
* ssl_set_own_cert() now longers calls pk_check_pair() since the
|
||||||
|
performance impact was bad for some users (this was introduced in 1.3.10).
|
||||||
* Move from SHA-1 to SHA-256 in example programs using signatures
|
* Move from SHA-1 to SHA-256 in example programs using signatures
|
||||||
(suggested by Thorsten Mühlfelder).
|
(suggested by Thorsten Mühlfelder).
|
||||||
* Remove some unneeded inclusions of header files from the standard library
|
* Remove some unneeded inclusions of header files from the standard library
|
||||||
|
|
|
@ -3973,7 +3973,7 @@ int ssl_set_own_cert( ssl_context *ssl, x509_crt *own_cert,
|
||||||
key_cert->cert = own_cert;
|
key_cert->cert = own_cert;
|
||||||
key_cert->key = pk_key;
|
key_cert->key = pk_key;
|
||||||
|
|
||||||
return( pk_check_pair( &key_cert->cert->pk, key_cert->key ) );
|
return( 0 );
|
||||||
}
|
}
|
||||||
|
|
||||||
#if defined(POLARSSL_RSA_C)
|
#if defined(POLARSSL_RSA_C)
|
||||||
|
@ -4002,7 +4002,7 @@ int ssl_set_own_cert_rsa( ssl_context *ssl, x509_crt *own_cert,
|
||||||
key_cert->cert = own_cert;
|
key_cert->cert = own_cert;
|
||||||
key_cert->key_own_alloc = 1;
|
key_cert->key_own_alloc = 1;
|
||||||
|
|
||||||
return( pk_check_pair( &key_cert->cert->pk, key_cert->key ) );
|
return( 0 );
|
||||||
}
|
}
|
||||||
#endif /* POLARSSL_RSA_C */
|
#endif /* POLARSSL_RSA_C */
|
||||||
|
|
||||||
|
@ -4031,7 +4031,7 @@ int ssl_set_own_cert_alt( ssl_context *ssl, x509_crt *own_cert,
|
||||||
key_cert->cert = own_cert;
|
key_cert->cert = own_cert;
|
||||||
key_cert->key_own_alloc = 1;
|
key_cert->key_own_alloc = 1;
|
||||||
|
|
||||||
return( pk_check_pair( &key_cert->cert->pk, key_cert->key ) );
|
return( 0 );
|
||||||
}
|
}
|
||||||
#endif /* POLARSSL_X509_CRT_PARSE_C */
|
#endif /* POLARSSL_X509_CRT_PARSE_C */
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue