diff options
| author | moneromooo-monero <moneromooo-monero@users.noreply.github.com> | 2019-04-25 16:35:27 +0000 |
|---|---|---|
| committer | moneromooo-monero <moneromooo-monero@users.noreply.github.com> | 2019-04-26 11:37:15 +0000 |
| commit | 5e0da6fb68446612844970be1e862f0e5bc25183 (patch) | |
| tree | 4ed606653be6d510b3a7f27f12e79681732704c3 /contrib/epee/src/net_ssl.cpp | |
| parent | Merge pull request #5486 (diff) | |
| download | monero-5e0da6fb68446612844970be1e862f0e5bc25183.tar.xz | |
change SSL certificate fingerprint whitelisting from SHA1 to SHA-256
SHA1 is too close to bruteforceable
Diffstat (limited to 'contrib/epee/src/net_ssl.cpp')
| -rw-r--r-- | contrib/epee/src/net_ssl.cpp | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/contrib/epee/src/net_ssl.cpp b/contrib/epee/src/net_ssl.cpp index 7bedb18ac..c17d86eca 100644 --- a/contrib/epee/src/net_ssl.cpp +++ b/contrib/epee/src/net_ssl.cpp @@ -321,7 +321,7 @@ bool ssl_options_t::has_fingerprint(boost::asio::ssl::verify_context &ctx) const unsigned int size{ 0 }; // create the digest from the certificate - if (!X509_digest(cert, EVP_sha1(), digest.data(), &size)) { + if (!X509_digest(cert, EVP_sha256(), digest.data(), &size)) { MERROR("Failed to create certificate fingerprint"); return false; } |