Sākums Izpētīt Palīdzība
Reģistrēties Pierakstīties
Apq
/
syncthing
spogulis no https://github.com/syncthing/syncthing.git
1
0
Atdalīts 0
Faili Problēmas 0 Vikivietne
Pārlūkot izejas kodu

Generate certs with SHA256 signature instead of SHA1

Doesn't matter at all for BEP, but the same stuff is used by the web UI
and modern browsers are starting to dislike SHA1 extra much.
Jakob Borg 10 gadi atpakaļ
vecāks
f2db1c8ab2
revīzija
64354b51c9
2 mainītis faili ar 5 papildinājumiem un 1 dzēšanām
Dalītais skats Rādīt salīdzināšanas statistiku
  1. 4 1
      cmd/syncthing/main.go
  2. 1 0
      lib/tlsutil/tlsutil.go

+ 4 - 1
cmd/syncthing/main.go
Parādīt failu 

@@ -302,9 +302,12 @@ func main() {
 
 			l.Infoln("Device ID:", protocol.NewDeviceID(cert.Certificate[0]))
 
 		} else {
 
 			cert, err = tlsutil.NewCertificate(certFile, keyFile, tlsDefaultCommonName, tlsRSABits)
 
+			if err != nil {
 
+				l.Fatalln("Create certificate:", err)
 
+			}
 
 			myID = protocol.NewDeviceID(cert.Certificate[0])
 
 			if err != nil {
 
-				l.Fatalln("load cert:", err)
 
+				l.Fatalln("Load certificate:", err)
 
 			}
 
 			if err == nil {
 
 				l.Infoln("Device ID:", protocol.NewDeviceID(cert.Certificate[0]))

+ 1 - 0
lib/tlsutil/tlsutil.go
Parādīt failu 

@@ -47,6 +47,7 @@ func NewCertificate(certFile, keyFile, tlsDefaultCommonName string, tlsRSABits i
 
 		KeyUsage:              x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature,
 
 		ExtKeyUsage:           []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth, x509.ExtKeyUsageClientAuth},
 
 		BasicConstraintsValid: true,
 
+		SignatureAlgorithm:    x509.SHA256WithRSA,
 
 	}
 
 
 	derBytes, err := x509.CreateCertificate(rand.Reader, &template, &template, &priv.PublicKey, priv)