ref: 0acb56a45d788bfcee798237f1978f75f76d168d
parent: 57e1959e5973841f4b91e004b283eed9a1076a51
author: cinap_lenrek <cinap_lenrek@felloff.net>
date: Sat Sep 12 09:04:47 EDT 2015
libsec: handle TLS 1.2 changes in CertificateRequest message
--- a/sys/src/libsec/port/tlshand.c
+++ b/sys/src/libsec/port/tlshand.c
@@ -1614,6 +1614,19 @@
m->u.certificateRequest.types = makebytes(p, nn);
p += nn;
n -= nn;
+ if(c->version >= TLS12Version){+ /* skip supported_signature_algorithms */
+ if(n < 2)
+ goto Short;
+ nn = get16(p);
+ p += 2;
+ n -= 2;
+ if(nn > n)
+ goto Short;
+ p += nn;
+ n -= nn;
+
+ }
if(n < 2)
goto Short;
nn = get16(p);
--
⑨