[gnutls-devel] GnuTLS | RFC7250 certificate type negotiation (!498)
Development of GNU's TLS library
gnutls-devel at lists.gnutls.org
Mon Aug 20 13:43:11 CEST 2018
Tom commented on a discussion on lib/ext/server_cert_type.c:
> ssize_t len = data_size;
> const uint8_t* pdata = data;
> - /* Only activate this extension if cert type negotiation is enabled
> - * and we have cert credentials set */
> + /* Only activate this extension if cert type negotiation is enabled,
> + * we are not resuming a session and we have cert credentials set */
> if (!_gnutls_has_negotiate_ctypes(session) ||
> + gnutls_session_is_resumed(session) ||
I agree. I was about to conclude the same thing after reading the code for TLS 1.2. But then you pointed me to the `gnutls_session_is_resumed` function and made me doubt whether I've missed a specific case, so I added this check to be sure. Since we both conclude that it is redundant I will remove it.
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/merge_requests/498#note_95499076
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Gnutls-devel