[gnutls-devel] GnuTLS | gnutls_priority_init: ignore CTYPE-OPENPGP options (!789)
Development of GNU's TLS library
gnutls-devel at lists.gnutls.org
Thu Nov 1 13:13:18 CET 2018
Nikos Mavrogiannopoulos commented on a discussion on lib/priority.c:
> + cert_type_priority_all);
> } else if ((algo = gnutls_certificate_type_get_id
> - (&broken_list[i][11])) != GNUTLS_CRT_UNKNOWN)
> - { // Specific server cert type allowed
> + (&broken_list[i][11])) != GNUTLS_CRT_UNKNOWN) {
> + // Specific server cert type allowed
> fn(&(*priority_cache)->server_ctype, algo);
> } else goto error;
> } else { // Symmetric certificate type
> if ((algo = gnutls_certificate_type_get_id
> - (&broken_list[i][7])) != GNUTLS_CRT_UNKNOWN)
> - {
> + (&broken_list[i][7])) != GNUTLS_CRT_UNKNOWN) {
> fn(&(*priority_cache)->client_ctype, algo);
> fn(&(*priority_cache)->server_ctype, algo);
> + } else if (strncasecmp(&broken_list[i][1], "CTYPE-OPENPGP", 13) == 0) {
That's my understanding too, and the unit test added actually verifies that this works.
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/merge_requests/789#note_113767416
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20181101/26c95ad0/attachment.html>
More information about the Gnutls-devel
mailing list