Simon Josefsson wrote: >> I still would see a lot of benefit in being able to check the remote >> peers identity BEFORE the Finished message is sent. That way, I could >> block access to not permitted peers at the risk of the DoS outlined >> above. Am I still overlooking something? > > No, I think that is correct. Nikos, any thoughts? You added some > callbacks during the handshake earlier, are any of those useful here?
No unfortunately not. The callbacks I added are called after client hello is received. The callbacks you discuss need to be called after the certificate message is received. regards, Nikos _______________________________________________ Help-gnutls mailing list [email protected] http://lists.gnu.org/mailman/listinfo/help-gnutls
