Skip to content
Snippets Groups Projects
Commit 7e220ff0 authored by Martin Nilsson's avatar Martin Nilsson
Browse files

My reading of TLS 1.2 (+ errata) is that the client certificate struct is expanded.

parent 6346d2f6
Branches
Tags
No related merge requests found
Show whitespace changes
Inline Side-by-side
lib/modules/SSL.pmod/handshake.pike
+ 4
0
View file @ 7e220ff0
...@@ -499,6 +499,7 @@ Packet certificate_request_packet(SSL.context context) ...@@ -499,6 +499,7 @@ Packet certificate_request_packet(SSL.context context)
/* Send a CertificateRequest message */ /* Send a CertificateRequest message */
ADT.struct struct = ADT.struct(); ADT.struct struct = ADT.struct();
struct->put_var_uint_array(context->preferred_auth_methods, 1, 1); struct->put_var_uint_array(context->preferred_auth_methods, 1, 1);
// FIXME: TLS 1.2 has var_uint_array of hash and sign pairs here.
struct->put_var_string([string(0..255)] struct->put_var_string([string(0..255)]
sprintf("%{%2H%}", context->authorities_cache), 2); sprintf("%{%2H%}", context->authorities_cache), 2);
return handshake_packet(HANDSHAKE_certificate_request, return handshake_packet(HANDSHAKE_certificate_request,
...@@ -1584,6 +1585,9 @@ int(-1..1) handle_handshake(int type, string(0..255) data, string(0..255) raw) ...@@ -1584,6 +1585,9 @@ int(-1..1) handle_handshake(int type, string(0..255) data, string(0..255) raw)
client_cert_types = input->get_var_uint_array(1, 1); client_cert_types = input->get_var_uint_array(1, 1);
client_cert_distinguished_names = ({}); client_cert_distinguished_names = ({});
// FIXME: TLS 1.2 has var_uint_array of hash and sign pairs here.
int num_distinguished_names = input->get_uint(2); int num_distinguished_names = input->get_uint(2);
if(num_distinguished_names) if(num_distinguished_names)
{ {
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment