httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joe Orton <jor...@redhat.com>
Subject Re: [PATCH] Support RFC5929 - Channel Bindings for TLS
Date Wed, 27 Aug 2014 13:57:15 GMT
Hi Simo - thanks for sending this in!  I'm fine with adding this.  One 
question - this part looks a bit magic:

On Tue, Aug 05, 2014 at 06:24:29PM -0400, Simo Sorce wrote:
> +    } else if (x != NULL) {
> +        const EVP_MD *md;
> +
> +        md = EVP_get_digestbynid(OBJ_obj2nid(x->sig_alg->algorithm));
> +        if (md == NULL ||
> +            md == EVP_md5() ||
> +            md == EVP_sha1()) {
> +            md = EVP_sha256();
> +        }
> +        if (!X509_digest(x, md, cb, &l)) {
> +            return APR_EGENERAL;
> +        }

I get "pick a better digest" - is this specified in the RFC?

Regaards, Joe

Mime
View raw message