[gnutls-devel] Patch for GnuTLS 2.10.2 - The DCO

Frank Morgner morgner at informatik.hu-berlin.de
Fri Aug 30 22:05:50 CEST 2013


On Friday, August 30 at 05:18PM, Nikos Mavrogiannopoulos wrote:
> On Fri, Aug 30, 2013 at 4:53 PM, Frank Morgner <
> morgner at informatik.hu-berlin.de> wrote:
> 
> > Please find the ported patch for RSA-PSK here:
> > https://github.com/frankmorgner/gnutls/tree/master
> >
> > The currently not building branch gnutls_2_10_x should be updated, see
> > https://github.com/frankmorgner/gnutls/tree/gnutls_2_10_x
> >
> 
> Thank you. I have updated the 2.10.x branch. While doing few changes to
> adopt it for the master branch, I have a question on the implementation.
> You add _gnutls_kx_needs_rsa_params(). Is that supposed to return true when
> the ciphersuite requires an RSA certificate, or that temporary RSA
> parameters are needed? The code seems to imply the latter, but I'm not sure
> that this is needed.

Yes indeed, it should return 1 if the ciphersuite requires rsa paraters.
Although I personally don't like the #define in question, because it is
somewhat not intuitive, I still kept it for consistency. It is the same
mechanism as used in _gnutls_kx_needs_dh_params and it has also been in
the original patch from Bardenheuer.

-- 
Frank Morgner

Virtual Smart Card Architecture http://vsmartcard.sourceforge.net
OpenPACE                        http://openpace.sourceforge.net
IFD Handler for libnfc Devices  http://sourceforge.net/projects/ifdnfc



More information about the Gnutls-devel mailing list