author | Peter Wu <peter@lekensteyn.nl> | 2018-12-01 03:40:17 +0100 |
---|---|---|
committer | Anders Broman <a.broman58@gmail.com> | 2018-12-01 09:07:57 +0000 |
commit | 97dbdc3ac9ae55ed0932d42dca73e07ee0aa3ffd (patch) | |
tree | 100028a4ca3faf4e73bbc06bd8b20c1f8dfc2f1f /epan/secrets.h | |
parent | 0ceead5335bdebd3b7a2816c3a429145bdc4bbc6 (diff) |
TLS: really delay key lookup until it is necessary
Even if the certificate has an RSA public key, be sure to look up the key
only if it is an actual RSA key exchange. Move the hashtable to the
secrets module to enable reuse.
Change-Id: I39010831079d3b65d5d4368ec97d02491c1615a5
Reviewed-on: https://code.wireshark.org/review/30854
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Diffstat (limited to 'epan/secrets.h')
-rw-r--r-- | epan/secrets.h | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/epan/secrets.h b/epan/secrets.h
index de2cb05ee2..90de6382c9 100644
--- a/epan/secrets.h
+++ b/epan/secrets.h
@@ -46,6 +46,15 @@ enum secrets_scope {
 };
 #endif
 
+#ifdef HAVE_LIBGNUTLS
+/** Identifier for a RSA public key (a SHA-1 hash). */
+struct cert_key_id {
+ guint8 key_id[20];
+};
+typedef struct cert_key_id cert_key_id_t;
+#endif /* HAVE_LIBGNUTLS */
+
+
 /**
  * Callback for the wiretap secrets provider (wtap_new_secrets_callback_t).
  */
@@ -65,4 +74,10 @@ typedef void (*secrets_block_callback_t)(const void *secrets, guint size);
  * @param cb Callback to be invoked for new secrets.
  */
 void secrets_register_type(guint32 secrets_type, secrets_block_callback_t cb);
+
+#ifdef HAVE_LIBGNUTLS
+/** Returns a new hash table, mapping cert_key_id_t -> gnutls_privkey_t. */
+GHashTable *privkey_hash_table_new(void);
+#endif /* HAVE_LIBGNUTLS */
+
 #endif /* __SECRETS_H__ */ |
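Review bot: The comment on `struct cert_key_id` in the first hunk says the 20 bytes are a SHA-1 hash but not what is hashed. Code that derives the identifier from a certificate and code that derives it from a loaded private key must agree on that input, otherwise lookups miss silently. I would spell it out, e.g. `/** Identifier for an RSA public key: SHA-1 over <hashed public-key encoding>, used only as a lookup key. */`, with the placeholder filled in from the implementation. The bare `20` in `guint8 key_id[20];` would also read better as a named constant that the table's hash and equality functions can share; those functions are not part of this file's diff.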
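Review bot: The doc comment on `privkey_hash_table_new` in the second hunk leaves the ownership contract open. It does not say whether the table frees its `cert_key_id_t` keys and deinitialises its `gnutls_privkey_t` values on `g_hash_table_destroy()`, or whether the caller must release them and the table itself. Because the values are private keys, a caller who guesses wrong either leaks key material for the life of the process or releases a key twice. I would extend the comment with one sentence on who owns keys and values and one on who destroys the table. The definition is outside this diff (the diffstat is limited to epan/secrets.h), so which way it goes cannot be confirmed from here.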