net/quinn: Fix generation of self signed certificate

The certificate chain was incorrectly being passed the private key instead
of the certificate. With rustls version 0.23.11, this error is now caught
and reported. As stated in the 0.23.11 release notes, it has a new feature:

"API for determining whether a CertifiedKey's certificate and private key
matches: keys_match(). This is called from existing fallible functions
that accept a private key and certificate (for example, with_single_cert())
so these functions now detect this misconfiguration."

Part-of: <https://gitlab.freedesktop.org/gstreamer/gst-plugins-rs/-/merge_requests/1666>
Sanchayan Maity 2024-07-12 12:25:56 +05:30 committed by Sebastian Dröge
parent d62429cf76
commit 9d7285d227


@ -336,11 +336,10 @@ fn configure_server(
ep_config.private_key_file.clone(),
)?
} else {
let rcgen::CertifiedKey { cert: _, key_pair } =
let rcgen::CertifiedKey { cert, key_pair } =
rcgen::generate_simple_self_signed(vec![ep_config.server_name.clone()]).unwrap();
let cert_der = key_pair.serialize_der();
let priv_key = rustls_pki_types::PrivateKeyDer::try_from(cert_der.clone()).unwrap();
let cert_chain = vec![rustls_pki_types::CertificateDer::from(cert_der)];
let priv_key = rustls_pki_types::PrivateKeyDer::try_from(key_pair.serialize_der()).unwrap();
let cert_chain = vec![rustls_pki_types::CertificateDer::from(cert)];
(cert_chain, priv_key)
};
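Review bot: The self-signed branch still ends both fallible calls in `.unwrap()` (`rcgen::generate_simple_self_signed(...)` and `PrivateKeyDer::try_from(...)`), so a `server_name` that rcgen rejects panics the process, whereas the file-based branch just above propagates its failure with `?`. Since `configure_server` already returns a fallible type, I would convert these with `map_err` into that error type and use `?`; the signature and return type are outside the hunk, so the exact conversion needs checking there. It would also help to mark the branch with a comment such as `// Fallback: fresh self-signed certificate generated on every call; peers cannot chain it to a trusted root.` so nobody mistakes this path for an authenticated deployment. A small test that builds the server config from this branch would have caught the original key/certificate mix-up without waiting for rustls to add `keys_match()`.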