credentials_tls: Keep thumbprint rather than client certificate
By storing the client certificate the certificate became detached from its private key stored in user certificate store. This rendered client certificates useless for client TLS authentication. Now, the client certificate thumbprint is stored instead. The client certificate is looked up in the user certificate store as required. This breaks profile XML and BLOB backward compatibility. Since the client certificate support was broken, nobody probably used those in the settings before. Signed-off-by: Simon Rozman <simon@rozman.si>
This commit is contained in:
@@ -36,6 +36,7 @@
|
||||
#include <string>
|
||||
|
||||
class wxCertificateClientData;
|
||||
class wxCertificateHashClientData;
|
||||
class wxTLSCredentialsPanel;
|
||||
class wxTLSServerTrustPanel;
|
||||
class wxTLSConfigPanel;
|
||||
@@ -93,6 +94,16 @@ public:
|
||||
};
|
||||
|
||||
|
||||
///
|
||||
/// Helper class for auto-destroyable certificate hashes used in wxWidget's item containers
|
||||
///
|
||||
class wxCertificateHashClientData : public wxClientData
|
||||
{
|
||||
public:
|
||||
std::vector<unsigned char> m_cert_hash; ///< Certificate thumbprint
|
||||
};
|
||||
|
||||
|
||||
///
|
||||
/// TLS credential panel
|
||||
///
|
||||
|
||||
Reference in New Issue
Block a user