]> git.ipfire.org Git - thirdparty/gnutls.git/commitdiff
Do not output error if a server replies with a SignatureAlgorithms extension.
authorNikos Mavrogiannopoulos <nmav@gnutls.org>
Sun, 1 Nov 2009 12:57:24 +0000 (14:57 +0200)
committerNikos Mavrogiannopoulos <nmav@gnutls.org>
Sun, 1 Nov 2009 12:57:24 +0000 (14:57 +0200)
lib/ext_signature.c

index 828c006d32c36d6e23fd4b1280d4bb4fbc59f6ac..fec09df7106e80e4019c34ea55fa8cded9523045 100644 (file)
@@ -216,7 +216,11 @@ _gnutls_signature_algorithm_recv_params (gnutls_session_t session,
     {
       /* nothing for now */
       gnutls_assert ();
-      return GNUTLS_E_UNEXPECTED_PACKET;
+      /* Although TLS 1.2 mandates that we must not accept reply
+       * to this message, there are good reasons to just ignore it. Check
+       * http://www.ietf.org/mail-archive/web/tls/current/msg03880.html
+       */
+      /* return GNUTLS_E_UNEXPECTED_PACKET; */
     }
   else
     {