xfnw/plan9fox
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

libsec: handle missing signature case; can happen because some ciphers make it optional

Browse source
This commit is contained in:
cinap_lenrek 2015-09-22 19:11:54 +02:00
parent 2c4d3dd510
commit ada54defbc
1 changed files with 4 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
sys/src/libsec/port/tlshand.c
View file

@ -981,6 +981,9 @@ verifyDHparams(TlsConnection *c, Bytes *par, Bytes *sig, int sigalg)
RSApub *pk; RSApub *pk;
char *err; char *err;
if(sig == nil || sig->len <= 0)
return "no signature";
pk = X509toRSApub(c->cert->data, c->cert->len, nil, 0); pk = X509toRSApub(c->cert->data, c->cert->len, nil, 0);
if(pk == nil) if(pk == nil)
return "bad certificate"; return "bad certificate";
@ -1767,7 +1770,7 @@ msgRecv(TlsConnection *c, Msg *m)
p += nn, n -= nn; p += nn, n -= nn;
} else { } else {
/* should not happen */ /* should not happen */
break; goto Short;
} }
m->u.serverKeyExchange.dh_parameters = makebytes(s, p - s); m->u.serverKeyExchange.dh_parameters = makebytes(s, p - s);
if(n >= 2){ if(n >= 2){