Inicio Explorar Axuda
Iniciar sesión
piros
/
tor
3
0
Fork 0
Ficheiros Incidencias 0 Pull Requests 0 Wiki
Explorar o código

Generate our x509 certificates using sha256, not sha1.

All supported Tors (0.2.4+) require versions of openssl that can
handle this.

Now that our link certificates are RSA2048, this might actually help
vs fingerprinting a little.
Nick Mathewson %!s(int64=7) %!d(string=hai) anos
pai
805e97a433
achega
70e7d28b3e
Modificáronse 1 ficheiros con 2 adicións e 1 borrados
Dividir vista Mostrar estatísticas de Diff
  1. 2 1
      src/common/tortls.c

+ 2 - 1
src/common/tortls.c
Ver ficheiro 

@@ -523,7 +523,8 @@ MOCK_IMPL(STATIC X509 *,
 
     goto error;
 
   if (!X509_set_pubkey(x509, pkey))
 
     goto error;
 
-  if (!X509_sign(x509, sign_pkey, EVP_sha1()))
 
+
 
+  if (!X509_sign(x509, sign_pkey, EVP_sha256()))
 
     goto error;
 
 
   goto done;