mirror of
https://github.com/LadybirdBrowser/ladybird.git
synced 2025-07-30 04:39:06 +00:00
d78813d902
The `build_rsa_pre_master_secret` function originally called `verify_chain_and_get_matching_certificate`, which verified the chain and returned a certificate matching the specified hostname. Since the first certificate in the chain should always be the one matching with the hostname, we can simply use that one instead. This means we can completely remove this method and just use `verify_chain`. To make sure the hostname is still verified, `verify_chain` now also checks that the first certificate in the chain matches the specified hostname. If the hostname is empty, we currently fail the verification, however this basically never happen, as the server name indication extension is always used. |
||
|---|---|---|
| .. | ||
| Certificate.cpp | ||
| Certificate.h | ||
| CipherSuite.h | ||
| CMakeLists.txt | ||
| Handshake.cpp | ||
| HandshakeCertificate.cpp | ||
| HandshakeClient.cpp | ||
| HandshakeServer.cpp | ||
| Record.cpp | ||
| Socket.cpp | ||
| TLSPacketBuilder.h | ||
| TLSv12.cpp | ||
| TLSv12.h | ||