ref: 455b42743d3a3458f7c23926607e53c0b2906e5e
parent: c06e464ec45dd5880850fa60c850498861c514d3
author: cinap_lenrek <[email protected]>
date: Sat Sep 12 09:04:47 EDT 2015
libsec: handle TLS 1.2 changes in CertificateRequest message
--- a/sys/src/libsec/port/tlshand.c
+++ b/sys/src/libsec/port/tlshand.c
@@ -1614,6 +1614,19 @@
m->u.certificateRequest.types = makebytes(p, nn);
p += nn;
n -= nn;
+ if(c->version >= TLS12Version){
+ /* skip supported_signature_algorithms */
+ if(n < 2)
+ goto Short;
+ nn = get16(p);
+ p += 2;
+ n -= 2;
+ if(nn > n)
+ goto Short;
+ p += nn;
+ n -= nn;
+
+ }
if(n < 2)
goto Short;
nn = get16(p);