Commit 47b7d658 authored by Jay Satiro's avatar Jay Satiro
Browse files

vtls: Change designator name for server's pubkey hash 

- Change the designator name we use to show the base64 encoded sha256
hash of the server's public key from 'pinnedpubkey' to
'public key hash'.

Though the server's public key hash is only shown when comparing pinned
public key hashes, the server's hash may not match one of the pinned.
parent f65e07ca

lib/vtls/vtls.c

+3 −5
Original line number Original line Diff line number Diff line
@@ -797,17 +797,15 @@ CURLcode Curl_pin_peer_pubkey(struct SessionHandle *data, 
      return CURLE_OUT_OF_MEMORY;

      return CURLE_OUT_OF_MEMORY;

    curlssl_sha256sum(pubkey, pubkeylen,

    curlssl_sha256sum(pubkey, pubkeylen,

                      sha256sumdigest, SHA256_DIGEST_LENGTH);

                      sha256sumdigest, SHA256_DIGEST_LENGTH);



    encode = Curl_base64_encode(data, (char *)sha256sumdigest,

    encode = Curl_base64_encode(data, (char *)sha256sumdigest,

                                SHA256_DIGEST_LENGTH, &encoded, &encodedlen);

                                SHA256_DIGEST_LENGTH, &encoded, &encodedlen);

    Curl_safefree(sha256sumdigest);

    Curl_safefree(sha256sumdigest);





    if(!encode) {

    if(encode)

      infof(data, "\t pinnedpubkey: sha256//%s\n", encoded);

    }

    else

      return encode;

      return encode;





    infof(data, "\t public key hash: sha256//%s\n", encoded);



    /* it starts with sha256//, copy so we can modify it */

    /* it starts with sha256//, copy so we can modify it */

    pinkeylen = strlen(pinnedpubkey) + 1;

    pinkeylen = strlen(pinnedpubkey) + 1;

    pinkeycopy = malloc(pinkeylen);

    pinkeycopy = malloc(pinkeylen);