gr1ffon/quic-go
1
0
Fork 0
forked from quic-go/quic-go
Code Pull Requests Activity

simplify certificate verification in certManager

Browse Source
This commit is contained in:
Marten Seemann
2016-11-20 23:25:49 +08:00
parent 865aed07d8
commit 6f5b2d308d
1 changed files with 3 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
crypto/cert_manager.go
View File

@@ -65,16 +65,13 @@ func (c *certManager) VerifyServerProof(proof, chlo, serverConfigData []byte) (b
return verifyServerProof(proof, c.chain[0], chlo, serverConfigData), nil
}
// Verify verifies the certificate chain
func (c *certManager) Verify(hostname string) error {
if len(c.chain) == 0 {
return errNoCertificateChain
}
leafCert, err := x509.ParseCertificate(c.GetLeafCert())
if err != nil {
return err
}
leafCert := c.chain[0]
opts := x509.VerifyOptions{DNSName: hostname}
// the first certificate is the leaf certificate, all others are intermediates
@@ -86,6 +83,6 @@ func (c *certManager) Verify(hostname string) error {
opts.Intermediates = intermediates
}
_, err = leafCert.Verify(opts)
_, err := leafCert.Verify(opts)
return err
}