mirrors/cosmopolitan
1
0
Fork 0
mirror of https://github.com/jart/cosmopolitan.git synced 2025-01-31 11:37:35 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Permit multiple certs with same common name

Browse source 
This is needed to support Cloudflare interop.
This commit is contained in:
Justine Tunney 2022-09-27 18:07:21 -07:00
parent 87708c5d6e
commit b46f763ee7
No known key found for this signature in database
GPG key ID: BE714B4575D6E328
4 changed files with 2 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
libc/sock/accept.c
View file

@ -17,6 +17,7 @@
PERFORMANCE OF THIS SOFTWARE.
*/
#include "libc/sock/sock.h"
#include "libc/sock/struct/sockaddr.h"
/**
* Creates client socket file descriptor for incoming connection.

2
libc/sock/sock.h
View file

@ -1,6 +1,5 @@
#ifndef COSMOPOLITAN_LIBC_SOCK_SOCK_H_
#define COSMOPOLITAN_LIBC_SOCK_SOCK_H_
#include "libc/sock/struct/sockaddr.h"
#if !(__ASSEMBLER__ + __LINKER__ + 0)
COSMOPOLITAN_C_START_
/*───────────────────────────────────────────────────────────────────────────│─╗
@ -30,7 +29,6 @@ uint32_t *GetHostIps(void);
int nointernet(void);
int socket(int, int, int);
int accept(int, struct sockaddr *, uint32_t *);
int accept4(int, void *, uint32_t *, int);
int bind(int, const void *, uint32_t);
int connect(int, const void *, uint32_t);

1
libc/sock/struct/sockaddr.h
View file

@ -35,6 +35,7 @@ struct sockaddr_storage {
int inet_aton(const char *, struct in_addr *);
char *inet_ntoa(struct in_addr);
int accept(int, struct sockaddr *, uint32_t *);
COSMOPOLITAN_C_END_
#endif /* !(__ASSEMBLER__ + __LINKER__ + 0) */

11
tool/net/redbean.c
View file

@ -686,17 +686,6 @@ static void InternCertificate(mbedtls_x509_crt *cert, mbedtls_x509_crt *prev) {
WARNF("(ssl) certificate %`'s is from the future",
_gc(FormatX509Name(&cert->subject)));
}
for (i = 0; i < certs.n; ++i) {
if (!certs.p[i].cert) continue;
if (mbedtls_pk_get_type(&cert->pk) ==
mbedtls_pk_get_type(&certs.p[i].cert->pk) &&
!mbedtls_x509_name_cmp(&cert->subject, &certs.p[i].cert->subject)) {
VERBOSEF("(ssl) %s %`'s is already loaded",
mbedtls_pk_get_name(&cert->pk),
_gc(FormatX509Name(&cert->subject)));
return;
}
}
for (i = 0; i < certs.n; ++i) {
if (!certs.p[i].cert && certs.p[i].key &&
!mbedtls_pk_check_pair(&cert->pk, certs.p[i].key)) {