Restrict QUIC to use single self signed client cert (#29681)
This commit is contained in:
parent
6359d68f9f
commit
1d0a28c66a
|
@ -57,7 +57,8 @@ pub fn new_self_signed_tls_certificate_chain(
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn get_pubkey_from_tls_certificate(certificates: &[rustls::Certificate]) -> Option<Pubkey> {
|
pub fn get_pubkey_from_tls_certificate(certificates: &[rustls::Certificate]) -> Option<Pubkey> {
|
||||||
certificates.first().and_then(|der_cert| {
|
if certificates.len() == 1 {
|
||||||
|
let der_cert = &certificates[0];
|
||||||
X509Certificate::from_der(der_cert.as_ref())
|
X509Certificate::from_der(der_cert.as_ref())
|
||||||
.ok()
|
.ok()
|
||||||
.and_then(|(_, cert)| {
|
.and_then(|(_, cert)| {
|
||||||
|
@ -66,7 +67,9 @@ pub fn get_pubkey_from_tls_certificate(certificates: &[rustls::Certificate]) ->
|
||||||
_ => None,
|
_ => None,
|
||||||
})
|
})
|
||||||
})
|
})
|
||||||
})
|
} else {
|
||||||
|
None
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
#[cfg(test)]
|
#[cfg(test)]
|
||||||
|
|
Loading…
Reference in New Issue