gnutls-commit
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[SCM] GNU gnutls branch, master, updated. gnutls_2_9_7-40-g3349e19

From: Nikos Mavrogiannopoulos
Subject: [SCM] GNU gnutls branch, master, updated. gnutls_2_9_7-40-g3349e19
Date: Sun, 01 Nov 2009 15:54:33 +0000 
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".

http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=3349e19bcf9f7289df22b450c283d7ca21278e16

The branch, master has been updated
       via  3349e19bcf9f7289df22b450c283d7ca21278e16 (commit)
      from  07dba24ea3c1fb0b808c79ec32c537cffcb7c741 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 3349e19bcf9f7289df22b450c283d7ca21278e16
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Sun Nov 1 17:52:22 2009 +0200

    Do not check signature algorithms for certificate selection when using 
openpgp certificates.

-----------------------------------------------------------------------

Summary of changes:
 lib/auth_cert.c |    8 ++++++--
 1 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/lib/auth_cert.c b/lib/auth_cert.c
index a375633..d637316 100644
--- a/lib/auth_cert.c
+++ b/lib/auth_cert.c
@@ -1921,8 +1921,12 @@ _gnutls_server_select_cert (gnutls_session_t session,
        {
          /* if cert type and signature algorithm matches 
           */
-         if (session->security_parameters.cert_type ==
-             cred->cert_list[i][0].cert_type && 
_gnutls_session_sign_algo_requested(session, cred->cert_list[i][0].sign_algo) 
== 0)
+         if (session->security_parameters.cert_type == 
cred->cert_list[i][0].cert_type && 
+             (cred->cert_list[i][0].cert_type == GNUTLS_CRT_OPENPGP || /* 
FIXME: make this a check for
+                                                                         * 
certificate type capabilities
+                                                                         */
+              !_gnutls_version_has_selectable_sighash 
(gnutls_protocol_get_version (session)) || 
+              _gnutls_session_sign_algo_requested(session, 
cred->cert_list[i][0].sign_algo) == 0))
            {
              idx = i;
              break;


hooks/post-receive
-- 
GNU gnutls
reply via email to
[Prev in Thread] Current Thread [Next in Thread]