diff options
| author | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2020-12-28 11:27:31 +0100 |
|---|---|---|
| committer | Dr. David von Oheimb <dev@ddvo.net> | 2021-01-13 09:09:36 +0100 |
| commit | bf973d0697e61a44dc46d08b0421a08a8cb61887 (patch) | |
| tree | 023ed993172263fa1c261e8321d77b325380d95f /ssl | |
| parent | 5a2d0ef36f4c130758a9d5e84f93004458e3ce60 (diff) | |
Add X509_NAME_hash_ex() to be able to check if it failed due to unsupported SHA1
Deprecate X509_NAME_hash()
Document X509_NAME_hash_ex(), X509_NAME_hash(), X509_{subject,issuer}_name_hash()
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13762)
Diffstat (limited to 'ssl')
| -rw-r--r-- | ssl/ssl_cert.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c index 4f085dd7e6..967f004bb0 100644 --- a/ssl/ssl_cert.c +++ b/ssl/ssl_cert.c @@ -601,7 +601,8 @@ static int xname_sk_cmp(const X509_NAME *const *a, const X509_NAME *const *b) static unsigned long xname_hash(const X509_NAME *a) { - return X509_NAME_hash((X509_NAME *)a); + /* This returns 0 also if SHA1 is not available */ + return X509_NAME_hash_ex((X509_NAME *)a, NULL, NULL, NULL); } STACK_OF(X509_NAME) *SSL_load_client_CA_file_ex(const char *file, |