From 40a87c4c08be0cdd87a3df283f285b3c2a0c8445 Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Sun, 27 Nov 2011 09:24:41 -0500 Subject: indent; add comment --- src/common/tortls.c | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) (limited to 'src') diff --git a/src/common/tortls.c b/src/common/tortls.c index 9ac5c34f26..b4d81de2f3 100644 --- a/src/common/tortls.c +++ b/src/common/tortls.c @@ -585,6 +585,8 @@ tor_tls_create_certificate(crypto_pk_env_t *rsa, const char *cname_sign, unsigned int cert_lifetime) { + /* OpenSSL generates self-signed certificates with random 64-bit serial + * numbers, so let's do that too. */ #define SERIAL_NUMBER_SIZE 8 time_t start_time, end_time; @@ -612,12 +614,12 @@ tor_tls_create_certificate(crypto_pk_env_t *rsa, goto error; { /* our serial number is 8 random bytes. */ - if (crypto_rand((char *)serial_tmp, sizeof(serial_tmp)) < 0) - goto error; - if (!(serial_number = BN_bin2bn(serial_tmp, sizeof(serial_tmp), NULL))) - goto error; - if (!(BN_to_ASN1_INTEGER(serial_number, X509_get_serialNumber(x509)))) - goto error; + if (crypto_rand((char *)serial_tmp, sizeof(serial_tmp)) < 0) + goto error; + if (!(serial_number = BN_bin2bn(serial_tmp, sizeof(serial_tmp), NULL))) + goto error; + if (!(BN_to_ASN1_INTEGER(serial_number, X509_get_serialNumber(x509)))) + goto error; } if (!(name = tor_x509_name_new(cname))) -- cgit v1.2.3-54-g00ecf