diff options
author | Adriaan de Jong <dejong@fox-it.com> | 2011-06-30 10:10:28 +0200 |
---|---|---|
committer | David Sommerseth <davids@redhat.com> | 2011-10-21 11:55:14 +0200 |
commit | 82f925b60c0f029295975e64d9acabb53c0a5e3c (patch) | |
tree | 6a3e860a83a2af1ed9fcd8dd179d9cb7e0f1b92a /ssl.h | |
parent | 88aaf1aefd91b3704b3b00eeddff3befdefbc2b8 (diff) | |
download | openvpn-82f925b60c0f029295975e64d9acabb53c0a5e3c.tar.gz openvpn-82f925b60c0f029295975e64d9acabb53c0a5e3c.tar.xz openvpn-82f925b60c0f029295975e64d9acabb53c0a5e3c.zip |
Refactored certificate hash lock checks
Signed-off-by: Adriaan de Jong <dejong@fox-it.com>
Acked-by: James Yonan <james@openvpn.net>
Signed-off-by: David Sommerseth <davids@redhat.com>
Diffstat (limited to 'ssl.h')
-rw-r--r-- | ssl.h | 17 |
1 files changed, 0 insertions, 17 deletions
@@ -218,21 +218,6 @@ */ /* #define MEASURE_TLS_HANDSHAKE_STATS */ -/* - * Keep track of certificate hashes at various depths - */ - -/* Maximum certificate depth we will allow */ -#define MAX_CERT_DEPTH 16 - -struct cert_hash { - unsigned char sha1_hash[SHA_DIGEST_LENGTH]; -}; - -struct cert_hash_set { - struct cert_hash *ch[MAX_CERT_DEPTH]; -}; - #ifdef ENABLE_X509_TRACK struct x509_track @@ -540,14 +525,12 @@ const char *tls_common_name (const struct tls_multi* multi, const bool null); const char *tls_username(const struct tls_multi *multi, const bool null); void tls_set_common_name (struct tls_multi *multi, const char *common_name); void tls_lock_common_name (struct tls_multi *multi); -void tls_lock_cert_hash_set (struct tls_multi *multi); #define TLS_AUTHENTICATION_SUCCEEDED 0 #define TLS_AUTHENTICATION_FAILED 1 #define TLS_AUTHENTICATION_DEFERRED 2 #define TLS_AUTHENTICATION_UNDEFINED 3 int tls_authentication_status (struct tls_multi *multi, const int latency); -void tls_deauthenticate (struct tls_multi *multi); #ifdef MANAGEMENT_DEF_AUTH bool tls_authenticate_key (struct tls_multi *multi, const unsigned int mda_key_id, const bool auth, const char *client_reason); |