Simon Josefsson <[EMAIL PROTECTED]> writes: > Nikos Mavrogiannopoulos <[EMAIL PROTECTED]> writes: > >> On Monday 08 October 2007, Rajeev Saini wrote: >> >> Are you sure the client sends the certificate correctly? As far as I can see >> from the dump (below) the certificate packet sent by the client contains 10 >> bytes only (not really a certificate). What it the client program you are >> using? >> >> Ok... I've translated those bytes to TLS protocol and it seems that this >> client is sending "00 00 03 00 00 00" as the certificate (he means empty >> certificate). >> >> The normal way to send it is to send "00 00 00". The one above confuses as >> it >> seems gnutls. Does the attached patch solve this problem to you? > > Supporting this may be needed, although I think we should add a > gnutls_assert or similar to make sure it can be noticed during > debugging. The TLS 1.2 has some wording to make it explicit that the > _list_ should be empty rather than having an empty certificate in the > list.
I just noticed there already was a gnutls_assert in that code... so already taken care of. /Simon _______________________________________________ Help-gnutls mailing list [email protected] http://lists.gnu.org/mailman/listinfo/help-gnutls
