shithub: riscv

Download patch

ref: 455b42743d3a3458f7c23926607e53c0b2906e5e
parent: c06e464ec45dd5880850fa60c850498861c514d3
author: cinap_lenrek <[email protected]>
date: Sat Sep 12 09:04:47 EDT 2015

libsec: handle TLS 1.2 changes in CertificateRequest message

--- a/sys/src/libsec/port/tlshand.c
+++ b/sys/src/libsec/port/tlshand.c
@@ -1614,6 +1614,19 @@
 		m->u.certificateRequest.types = makebytes(p, nn);
 		p += nn;
 		n -= nn;
+		if(c->version >= TLS12Version){
+			/* skip supported_signature_algorithms */
+			if(n < 2)
+				goto Short;
+			nn = get16(p);
+			p += 2;
+			n -= 2;
+			if(nn > n)
+				goto Short;
+			p += nn;
+			n -= nn;
+
+		}
 		if(n < 2)
 			goto Short;
 		nn = get16(p);