]> git.ipfire.org Git - thirdparty/openvpn.git/commit
Use SSL_get0_peer_signature_name instead of SSL_get_peer_signature_nid
authorArne Schwabe <arne@rfc2549.org>
Wed, 2 Apr 2025 15:33:28 +0000 (17:33 +0200)
committerGert Doering <gert@greenie.muc.de>
Tue, 8 Apr 2025 11:28:36 +0000 (13:28 +0200)
commitb60d2bb98c77d5836b7e3e2d21eeeb17aa55d3f2
tree63fe343ba61bfe20e2c50eefb1cbc311587b0fd0
parenta51fb119d7e9a9db9173a10f9e20a4035ca76bbe
Use SSL_get0_peer_signature_name instead of SSL_get_peer_signature_nid

SSL_get0_peer_signature_name returns a string instead of hardcoded NIDs.
NIDS do not work with provider provided signatures or the new PQ
signatures introduced in OpenSSL 3.5.

Remove also the comment that was added earlier that says that there
is no proper API replacement for SSL_get_peer_signature_nid yet as
OpenSSL 3.5.0 has now introduced it.

Change-Id: I2bc782ceebcc91a8dc8ada0bb72ac042be46cad6
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Antonio Quartulli <antonio@mandelbit.com>
Message-Id: <20250402153337.5262-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg31336.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
src/openvpn/openssl_compat.h
src/openvpn/ssl_openssl.c