[gnutls-devel] GnuTLS | RFC7250 Raw public keys (!650)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Mon Nov 26 14:01:47 CET 2018


Nikos Mavrogiannopoulos commented on a discussion on lib/auth/cert.c:

>  	 * then send that one.
>  	 */
>  	if (cred->ncerts == 1 &&
> -		(data_size == 0 || (session->internals.flags & GNUTLS_FORCE_CLIENT_CERT))) {
> +	    (data_size == 0
> +	     || (session->internals.flags & GNUTLS_FORCE_CLIENT_CERT))) {
> +		// Do a cert type check
> +		if (cred->certs[0].cert_list_length > 0 &&

Since you added that code which adds a public key into the credential structure I think you are in better position to understand the options that it introduces. The best is to check them when adding the public key rather than checking it on every use.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/merge_requests/650#note_120065848
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20181126/505ecc83/attachment.html>


More information about the Gnutls-devel mailing list