change SSL certificate fingerprint whitelisting from SHA1 to SHA-256

SHA1 is too close to bruteforceable
moneromooo-monero 2019-04-25 16:35:27 +00:00
parent 581994b61c
commit 5e0da6fb68
No known key found for this signature in database
GPG key ID: 686F07454D6CEFC3
5 changed files with 27 additions and 1 deletions


@ -37,6 +37,8 @@
#include <boost/asio/ssl.hpp>
#include <boost/system/error_code.hpp>
#define SSL_FINGERPRINT_SIZE 32
namespace epee
{
namespace net_utils
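Review bot: `#define SSL_FINGERPRINT_SIZE 32` is an unscoped macro with no comment tying the value 32 to the SHA-256 digest that `ssl_options_t::has_fingerprint` now computes. If the digest is changed again, the constant and the hash can drift apart unnoticed, and a pinning check that silently stops matching is hard to diagnose. I would add a comment such as `// SHA-256 digest length in bytes; must match the EVP digest used in ssl_options_t::has_fingerprint`. If every user of the constant sits inside `epee::net_utils`, consider a typed constant there instead of a macro, e.g. `constexpr std::size_t SSL_FINGERPRINT_SIZE = 32;`. The namespace body continues outside the hunk.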


@ -321,7 +321,7 @@ bool ssl_options_t::has_fingerprint(boost::asio::ssl::verify_context &ctx) const
unsigned int size{ 0 };
// create the digest from the certificate
if (!X509_digest(cert, EVP_sha1(), digest.data(), &size)) {
if (!X509_digest(cert, EVP_sha256(), digest.data(), &size)) {
MERROR("Failed to create certificate fingerprint");
return false;
}
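Review bot: The `size` written by `X509_digest(cert, EVP_sha256(), digest.data(), &size)` is not compared with `SSL_FINGERPRINT_SIZE` in the visible lines, so the new constant and the digest in use are linked only by convention. Adding `if (size != SSL_FINGERPRINT_SIZE) { MERROR("Unexpected certificate fingerprint size"); return false; }` after the call would make any mismatch fail closed. Separately, 20-byte SHA-1 fingerprints already present in a user's configuration can no longer match a 32-byte digest. The option parsing is not visible here, so it is worth confirming that it rejects entries of the wrong length with a clear error rather than letting every connection fail verification without explanation. The declaration of `digest` and the comparison against the allowed fingerprints are outside the hunk.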