diff options
| author | Nick Mathewson <nickm@torproject.org> | 2015-05-21 13:43:34 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2016-11-03 08:37:21 -0400 |
| commit | e23389841c7797615b09ee6457e841b4ed13ea75 (patch) | |
| tree | 5303cc276c4888567b883f3fec70209a2b5de2fa /src/or/channeltls.c | |
| parent | 4ef42e7c529a95b69d3e830e115e5d0453d38dfb (diff) | |
| download | tor-e23389841c7797615b09ee6457e841b4ed13ea75.tar.gz tor-e23389841c7797615b09ee6457e841b4ed13ea75.zip | |
Migrate certificates into a sub-structure of or_handshake_state
This will help us do cert-checking in the background in the future,
perhaps.
Diffstat (limited to 'src/or/channeltls.c')
| -rw-r--r-- | src/or/channeltls.c | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/src/or/channeltls.c b/src/or/channeltls.c index 9e92aadfb1..fbe784c77c 100644 --- a/src/or/channeltls.c +++ b/src/or/channeltls.c @@ -1947,7 +1947,7 @@ channel_tls_process_certs_cell(var_cell_t *cell, channel_tls_t *chan) "Got some good certificates from %s:%d: Authenticated it.", safe_str(chan->conn->base_.address), chan->conn->base_.port); - chan->conn->handshake_state->id_cert = id_cert; + chan->conn->handshake_state->certs->id_cert = id_cert; x509_certs[OR_CERT_TYPE_ID_1024] = NULL; if (!public_server_mode(get_options())) { @@ -1973,8 +1973,8 @@ channel_tls_process_certs_cell(var_cell_t *cell, channel_tls_t *chan) chan->conn->base_.port); /* XXXX check more stuff? */ - chan->conn->handshake_state->id_cert = id_cert; - chan->conn->handshake_state->auth_cert = auth_cert; + chan->conn->handshake_state->certs->id_cert = id_cert; + chan->conn->handshake_state->certs->auth_cert = auth_cert; x509_certs[OR_CERT_TYPE_ID_1024] = x509_certs[OR_CERT_TYPE_AUTH_1024] = NULL; } @@ -2147,9 +2147,9 @@ channel_tls_process_authenticate_cell(var_cell_t *cell, channel_tls_t *chan) } if (!(chan->conn->handshake_state->received_certs_cell)) ERR("We never got a certs cell"); - if (chan->conn->handshake_state->auth_cert == NULL) + if (chan->conn->handshake_state->certs->auth_cert == NULL) ERR("We never got an authentication certificate"); - if (chan->conn->handshake_state->id_cert == NULL) + if (chan->conn->handshake_state->certs->id_cert == NULL) ERR("We never got an identity certificate"); if (cell->payload_len < 4) ERR("Cell was way too short"); @@ -2195,7 +2195,7 @@ channel_tls_process_authenticate_cell(var_cell_t *cell, channel_tls_t *chan) { crypto_pk_t *pk = tor_tls_cert_get_key( - chan->conn->handshake_state->auth_cert); + chan->conn->handshake_state->certs->auth_cert); char d[DIGEST256_LEN]; char *signed_data; size_t keysize; @@ -2234,9 +2234,9 @@ channel_tls_process_authenticate_cell(var_cell_t *cell, channel_tls_t *chan) chan->conn->handshake_state->digest_received_data = 0; { crypto_pk_t *identity_rcvd = - tor_tls_cert_get_key(chan->conn->handshake_state->id_cert); + tor_tls_cert_get_key(chan->conn->handshake_state->certs->id_cert); const common_digests_t *id_digests = - tor_x509_cert_get_id_digests(chan->conn->handshake_state->id_cert); + tor_x509_cert_get_id_digests(chan->conn->handshake_state->certs->id_cert); /* This must exist; we checked key type when reading the cert. */ tor_assert(id_digests); |