Google Git
Sign in
boringssl / boringssl / 4ac0b38cfc955373a0f0a939b9fb537a07fa8978
commit4ac0b38cfc955373a0f0a939b9fb537a07fa8978[log] [tgz]
authorAdam Langley <agl@chromium.org>Fri Jun 20 15:25:14 2014 -0700
committerAdam Langley <agl@chromium.org>Fri Jun 20 15:31:01 2014 -0700
treed9576d2ab7a52a0fe6c342c23dff3ef0ecff502f
parent3ffd70ec3692f577a947295152fb041ff4b8607b [diff]
Try both old and new X.509 hashes.

Ensure the library can find the right files under /etc/ssl/certs when
running on older systems.

There are many symbolic links under /etc/ssl/certs created by using
hash of the PEM certificates in order for OpenSSL to find those
certificates. Openssl has a tool to help you create hash symbolic
links (tools/c_rehash). However newer versions of the library changed
the hash algorithm, which makes it unable to run properly on systems
that use the old /etc/ssl/certs layout (e.g. Ubuntu Lucid).

This patch gives a way to find a certificate according to its hash by
using both the old and new algorithms. http://crbug.com/111045 is used
to track this issue.

(Imported from Chromium:
http://src.chromium.org/viewvc/chrome/trunk/deps/third_party/openssl/patches.chromium/0003-x509_hash_name_algorithm_change.patch?revision=231571)

Change-Id: Idbc27aba7685c991f8b94cfea38cf4f3f4b38adc
1 file changed
tree: d9576d2ab7a52a0fe6c342c23dff3ef0ecff502f
  1. crypto/
  2. doc/
  3. include/
  4. ssl/
  5. tool/
  6. util/
  7. .clang-format
  8. .gitignore
  9. BUGS
  10. BUILDING
  11. CMakeLists.txt