[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU gnutls branch, gnutls_2_12_x, updated. gnutls_2_12_14a-3-g5557
From: |
Nikos Mavrogiannopoulos |
Subject: |
[SCM] GNU gnutls branch, gnutls_2_12_x, updated. gnutls_2_12_14a-3-g5557660 |
Date: |
Thu, 05 Jan 2012 14:07:35 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=555766063e08fc675b88e06560f79456c4ba4f24
The branch, gnutls_2_12_x has been updated
via 555766063e08fc675b88e06560f79456c4ba4f24 (commit)
from cd9596adfd9348b4fab60e8613586597af4c9722 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 555766063e08fc675b88e06560f79456c4ba4f24
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Thu Jan 5 14:58:16 2012 +0100
Disable signature algorithms that are not supported for client certificate
verification.
-----------------------------------------------------------------------
Summary of changes:
NEWS | 3 +++
lib/ext_signature.c | 6 +++++-
2 files changed, 8 insertions(+), 1 deletions(-)
diff --git a/NEWS b/NEWS
index 182a0cd..0638a51 100644
--- a/NEWS
+++ b/NEWS
@@ -5,6 +5,9 @@ See the end for copying conditions.
Version 2.12.15 (unreleased)
+** libgnutls: Disable signature algorithms that are not supported
+for client certificate verification.
+
** libgnutls: Optimized DH generation process (ported from 3.0.x)
** API and ABI modifications:
diff --git a/lib/ext_signature.c b/lib/ext_signature.c
index 48eb535..e8d8560 100644
--- a/lib/ext_signature.c
+++ b/lib/ext_signature.c
@@ -127,7 +127,7 @@ int
_gnutls_sign_algorithm_parse_data (gnutls_session_t session,
const opaque * data, size_t data_size)
{
- int sig, i;
+ int sig, i, hash;
sig_ext_st *priv;
extension_priv_data_t epriv;
@@ -150,6 +150,10 @@ _gnutls_sign_algorithm_parse_data (gnutls_session_t
session,
_gnutls_debug_log ("EXT[SIGA]: rcvd signature algo (%d.%d) %s\n",
aid.hash_algorithm,
aid.sign_algorithm, gnutls_sign_get_name(sig));
+ hash = _gnutls_sign_get_hash_algorithm(sig);
+ if (hash != GNUTLS_DIG_SHA1 && hash != GNUTLS_DIG_SHA256)
+ continue;
+
if (sig != GNUTLS_SIGN_UNKNOWN)
{
priv->sign_algorithms[priv->sign_algorithms_size++] = sig;
hooks/post-receive
--
GNU gnutls
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU gnutls branch, gnutls_2_12_x, updated. gnutls_2_12_14a-3-g5557660,
Nikos Mavrogiannopoulos <=