gfwleak/tango-tfe
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

本地签发证书时,密钥用法不copy原证书。https://git.mesalab.cn/tango/certstore/issues/8

Browse Source
This commit is contained in:
zhengchao
2019-06-22 00:33:44 +08:00
parent 811435ca92
commit 0475638ab9
1 changed files with 4 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
platform/src/ssl_utils.cpp
View File

@@ -666,9 +666,7 @@ X509 * ssl_x509_forge(X509 * cacrt, EVP_PKEY * cakey, X509 * origcrt, EVP_PKEY *
if (rv == -1) if (rv == -1)
goto errout; goto errout;
rv = ssl_x509_v3ext_copy_by_nid(crt, origcrt, //Not copy keyUsage, because RSA is not compatibel with "Key Agreement".
NID_key_usage);
if (rv == 0)
rv = ssl_x509_v3ext_add(&ctx, crt, "keyUsage", rv = ssl_x509_v3ext_add(&ctx, crt, "keyUsage",
"digitalSignature," "digitalSignature,"
"keyEncipherment"); "keyEncipherment");