[PATCH] client-side TLS 1.2 support
Simon Josefsson
simon at josefsson.org
Mon Aug 31 13:31:25 CEST 2009
Daiki Ueno <ueno at unixuser.org> writes:
> I'm attaching a set of patches to provide minimal fix for client side
> TLS 1.2 support. I've confirmed them working against Mike's test
> server:
>
> $ gnutls-cli --debug 10 --protocols TLS1.2 -p 443 www.mikestoolbox.net
Great!
> static const gnutls_sign_entry sign_algorithms[] = {
> {"RSA-SHA", SIG_RSA_SHA1_OID, GNUTLS_SIGN_RSA_SHA1, GNUTLS_PK_RSA,
> - GNUTLS_MAC_SHA1},
> + GNUTLS_MAC_SHA1, {2, 1}},
> {"RSA-SHA256", SIG_RSA_SHA256_OID, GNUTLS_SIGN_RSA_SHA256, GNUTLS_PK_RSA,
> - GNUTLS_MAC_SHA256},
> + GNUTLS_MAC_SHA256, {4, 1}},
Please define some constants here instead of using hard coded values.
Otherwise it looks good, I'll apply and test more carefully once you
have fixed the above.
/Simon
More information about the Gnutls-devel
mailing list