libsec: handle TLS 1.2 changes in CertificateRequest message

2015-09-12 13:04:47 +02:00 · 2015-09-12 13:04:47 +02:00 · 455b42743d
parent c06e464ec4
commit 455b42743d
1 changed files with 13 additions and 0 deletions
--- a/sys/src/libsec/port/tlshand.c
+++ b/sys/src/libsec/port/tlshand.c
@ -1614,6 +1614,19 @@ msgRecv(TlsConnection *c, Msg *m)
 		m->u.certificateRequest.types = makebytes(p, nn);
 		p += nn;
 		n -= nn;
+		if(c->version >= TLS12Version){
+			/* skip supported_signature_algorithms */
+			if(n < 2)
+				goto Short;
+			nn = get16(p);
+			p += 2;
+			n -= 2;
+			if(nn > n)
+				goto Short;
+			p += nn;
+			n -= nn;
+
+		}
 		if(n < 2)
 			goto Short;
 		nn = get16(p);